hashids-with-flask-secret
response-contains-unsanitized-input
insecure-deserialization
dangerous-template-string
avoid_send_file_without_path_sanitization
filename
that could flow to flask.send_file()
function. This could lead to an attacker reading arbitrary file from the system, leaking private information. Make sure to properly sanitize filename or use flask.send_from_directory
flask-api-method-string-format
unescaped-template-extension
open-redirect