Input validation

2020-01-2323:15:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance. To exploit the vulnerability, one must register with a username identical to the victim’s username, but with white space inserted before and/or after the username. This will register the account with the same username as the victim. After initiating a password reset for the new account, CTFd will reset the victim’s account password due to the username collision.

CPENameOperatorVersion
ctfdge2.0.0
ctfdle2.2.2

CPE	Name	Operator	Version
	ctfd	ge	2.0.0
	ctfd	le	2.2.2

References

github.com/CTFd/CTFd/pull/1218

github.com/CTFd/CTFd/releases/tag/2.2.3