CVE-2026-14800

Severity CVSS v4.0:
LOW
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
06/07/2026
Last modified:
06/07/2026

Description

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.