Details about CSRF can be found here: https://en.wikipedia.org/wiki/Cross-site_request_forgery
A Flask CSRF protection demo can be found here: http://flask.pocoo.org/snippets/3/
If you use Flask-WTF, you do not need to do anything extra to avoid CSRF: its forms include CSRF protection by default.
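
For plain Flask without Flask-WTF, a per-session token check can look like the following. This is an added example, not the code from the linked snippet or from Flask itself; the /transfer route, the _csrf_token field name and run_demo() are assumptions made for the demonstration, and the requests it sends are constructed.

```python
import hmac
import secrets

from flask import Flask, abort, render_template_string, request, session

app = Flask(__name__)
app.secret_key = secrets.token_bytes(32)  # demo only; load a fixed secret from config in real use

FORM = """<form method="post">
  <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
  <input name="amount"><button>Send</button>
</form>"""

def generate_csrf_token():
    # One unpredictable token per session, kept in Flask's signed session cookie.
    if "_csrf_token" not in session:
        session["_csrf_token"] = secrets.token_urlsafe(32)
    return session["_csrf_token"]

app.jinja_env.globals["csrf_token"] = generate_csrf_token  # callable from every template

@app.before_request
def csrf_protect():
    # Every state-changing request must echo the session's token in the form body.
    if request.method in ("POST", "PUT", "PATCH", "DELETE"):
        expected = session.get("_csrf_token", "").encode()
        supplied = request.form.get("_csrf_token", "").encode()
        # Compare as bytes, in constant time; a missing session token always fails.
        if not expected or not hmac.compare_digest(expected, supplied):
            abort(403)

@app.route("/transfer", methods=["GET", "POST"])
def transfer():
    if request.method == "POST":
        return "transfer accepted"
    return render_template_string(FORM)

def run_demo():
    """Status codes for: form load, POST without token, wrong token, valid token."""
    client = app.test_client()
    codes = [client.get("/transfer").status_code]
    with client.session_transaction() as sess:
        token = sess["_csrf_token"]  # the value the rendered form carries
    for data in ({"amount": "10"}, {"_csrf_token": "forged"}, {"_csrf_token": token}):
        codes.append(client.post("/transfer", data=data).status_code)
    return codes

if __name__ == "__main__":
    print(run_demo())
```

A request forged from another site arrives with the victim's session cookie but cannot read the token, so it is rejected with 403 just like the two failing requests in run_demo().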