Framework is a code library that pprovides reusable code or extensions for common operations. Each framework has a different way to put together its routes, models, views, database interaction and overall appplication configuration.
Django embraces stability as well as a 'batteries included' approach. Flask stays out of the way - it's much more flexible than Django.
Django includes a simple yet powerful ORM(Object Relational Mapping). Flask makes no assumptions about how data is stored - you can choose from plenty of libraries like SQLAlchemy and Peewe.
Django provides authentication, account management, and sessions OUT-OF-THE-BOX.
Flask provides support for cookie-based sessions, but you need to use some of the extensions for account management, authentication, and authorization. (e.g., Flask-Login)
Django comes with a functional admin panel for managing your app. Flask does not ship with anything like this, but the Flask-Admin extension offers all of the asame functionality and a lot more.
Both frameworks allow you to map URLs to views and support funtion and class-based views.
Flask does not support asynchronous request handlesrs. Django supports asynchronous handlers with the introduction of Django 3.1
Both frameworks have in-built support for testing.
Django has built-in protection against a number of common attack vectors like CSRF, XSS, and SQL injection. Flask, on the other hand, has a much smaller codebase so there's less surface area open to attack.
Flask by design, is much more flexible than Django, and it's meant to be extended.