2 matches found
PT-2025-39348
Name of the Vulnerable Software and Affected Versions Flag Forge versions prior to 2.2.0 Description The /api/admin/assign-badge endpoint in Flag Forge does not have sufficient access controls. This allows any authenticated user to assign high-privilege badges, such as Staff, to themselves. This...
Flag Forge 安全漏洞
Flag Forge is an easy-to-use CTF platform open-sourced by FlagForge. A security vulnerability exists in Flag Forge version 2.1.0, which stems from a lack of proper access control in the /api/admin/assign-badge endpoint, which could lead to elevation of privilege and administrator role impersonati...