lin-cms@0.3.0a3 vulnerabilities

A simple and practical CMS implememted by flask

Known vulnerabilities in the lin-cms package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Access Restriction Bypass Lin-CMS is a Lin-CMS-Flask-Core. Affected versions of this package are vulnerable to Access Restriction Bypass. It allows attackers to escalate privileges to Super Administrator. How to fix Access Restriction Bypass? There is no fixed version for `Lin-CMS`.	[0,)
M Cross-site Scripting (XSS) Lin-CMS is a Lin-CMS-Flask-Core. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `Username` parameter of the component `app/api/cms/user.py`. How to fix Cross-site Scripting (XSS)? There is no fixed version for `Lin-CMS`.	[0,)
M Improper Authentication Lin-CMS is a Lin-CMS-Flask-Core. Affected versions of this package are vulnerable to Improper Authentication. Remote attackers can obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. How to fix Improper Authentication? There is no fixed version for `Lin-CMS`.	[0,)
M Insufficient Rate Limiting Lin-CMS is a Lin-CMS-Flask-Core. Affected versions of this package are vulnerable to Insufficient Rate Limiting. Improper Authentication allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component `app/api/cms/user.py`. How to fix Insufficient Rate Limiting? There is no fixed version for `Lin-CMS`.	[0,)