CVE-2025-59827

Flag Forge CT F Platform, version 2.1.0, exposes a privilege escalation risk via /api/admin/assign-badge due to missing access control, allowing any authenticated user to self-assign high-privilege badges (e.g., Staff) and impersonate admins. The issue is mitigated by upgrading to version 2.2.0, ...