GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in `v0.20.1`.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-05-13T19:01:19.774Z

Updated: 2024-08-02T02:59:21.655Z

Reserved: 2024-05-07T13:53:00.132Z

Link: CVE-2024-34699

cve-icon Vulnrichment

Updated: 2024-08-02T02:59:21.655Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:39:28.343

Modified: 2024-11-21T09:19:13.403

Link: CVE-2024-34699

cve-icon Redhat

No data.