A directory traversal vulnerability was discovered in python3-flask-cors, a Flask extension for handling Cross Origin Resource Sharing , allowing to access private resources.