pkg:PyPI/web2py

All known vulnerabilities

• CRITICAL9.8CVE-2016-3953web2py remote code execution via hardcoded encryption key in session.connect function
  from 0, < 2.14.2
• CRITICAL9.8CVE-2016-10321web2py is vulnerable to password brute-force attack
  from 0, < 2.14.6
• MEDIUM6.1CVE-2023-22432Open redirect in web2py
  from 0, < 2.23.1
• MEDIUM6.1Open redirect in web2py
  from 0, < 2.22.5
• MEDIUM5.5web2py exposure of sensitive information
  from 0, < 2.14.2
• MEDIUM4.8Web2py Reflected XSS vulnerability
  from 0, <= 2.14.5
• MEDIUM4.7web2py has an Open Redirect Vulnerability
  from 0, < 3.1.1
• MEDIUM4.5Web2py Cross-Site Request Forgery vulnerability
  from 0, < 2.14.6