In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Flask-Security to version 5.8.1 or higher.
Flask-Security is a Simple security for Flask apps.
Affected versions of this package are vulnerable to Open Redirect via the validate_redirect_url function. An attacker can redirect users to an attacker-controlled domain by crafting a specially formatted URL containing a backslash in the authority component, which bypasses subdomain validation. This is only exploitable if subdomain redirects are enabled in the configuration.