Lucene search
K

4 matches found

NVD
NVD
added 2024/05/14 3:39 p.m.17 views

CVE-2024-34699

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...

6.5CVSS6.2AI score0.0055EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/13 7:1 p.m.31 views

CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names.

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...

6.5CVSS6.3AI score0.0055EPSS
Exploits0References2
CVE
CVE
added 2024/05/13 7:1 p.m.48 views

CVE-2024-34699

GZ::CTF (prior to v0.20.1) is vulnerable to cross-site scripting by unprivileged users attempting to craft team names; fixed in v0.20.1. The CVE-2024-34699 entry shows CVSS 3.1 base score 6.5 (Medium) with Adjacent access, no privileges, user interaction none, and high availability impact. Remedi...

6.5CVSS6AI score0.0055EPSS
Exploits0References2
OSV
OSV
added 2024/05/13 7:1 p.m.18 views

CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names.

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...

6.5CVSS6.2AI score0.0055EPSS
Exploits0References4
Rows per page
Query Builder