CVE-2025-53631 – FlaskBlog Flask XSS Vulnerability

CVE ID : CVE-2025-53631

Published : Aug. 14, 2025, 4:15 p.m. | 21 minutes ago

Description : flaskBlog is a blog app built with Flask. In versions 2.8.1 and prior, improper sanitization of postContent when submitting POST requests to /createpost leads to arbitrary JavaScript execution (XSS) on all pages the post is reflected on including /, /post/[ID], /admin/posts, and /user/[ID] of the user that made the post. At time of publication, there are no public patches available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2026-9828 – Logback deserialization whitelist bypass for java.lang and java.util

CVE-2026-8990 – Authentication Bypass in Kidsview

CVE-2026-8980 – Privilege Escalation

CVE-2026-8979 – Authentication Bypass