Closed aneshujevic closed 2 months ago
Hi @corydolphin
In this PR I've used Python's repr method to escape special characters and print them as ordinary characters as a bugfix for CVE-2024-1681 - https://nvd.nist.gov/vuln/detail/CVE-2024-1681.
This should resolve https://github.com/corydolphin/flask-cors/issues/349.
Confirmed that the exploit PoC is resolved with this patch
Thank you very much for the contribution and fixing this issue.
Hi @corydolphin
In this PR I've used Python's repr method to escape special characters and print them as ordinary characters as a bugfix for CVE-2024-1681 - https://nvd.nist.gov/vuln/detail/CVE-2024-1681.
This should resolve https://github.com/corydolphin/flask-cors/issues/349.