CVE-2022-25510

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges.

References

https://github.com/FreeTAKTeam/FreeTakServer/issues/292