CVE-2025-43931

CRITICAL EPSS 26.0%

Published Jul 7, 202511mo ago · Modified Jun 17, 20261w ago

9.8 CVSS 3.1

Critical

Published Jul 7, 2025 11mo ago

Last Modified Jun 17, 2026 1w ago

Description

flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.

CVSS Details

Base Score

9.8

Exploitability

3.9

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

26.0% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-640

References 2

gist.github.com https://gist.github.com/BrookeYangRui/19fcc6c19df7bb4d8437476c609a6129
github.com https://github.com/MaxHalford/flask-boilerplate/blob/a170e7cec605906801680567c4279b30ccd9630b/app/views/user.py#L103-L126

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.