CVE-2023-30861 – Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header
https://notcve.org/view.php?id=CVE-2023-30861
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send one client's `session` cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met. 1. • https://github.com/JawadPy/CVE-2023-30861-Exploit https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965 https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://lists.debian.org/debian-lts-announce/2023/08/msg00024.html https://security.netapp.com/advisory/ntap-20230818 • CWE-488: Exposure of Data Element to Wrong Session CWE-539: Use of Persistent Cookies Containing Sensitive Information •