4 matches found
CVE-2024-34699
GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...
CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names.
GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...
CVE-2024-34699
GZ::CTF (prior to v0.20.1) is vulnerable to cross-site scripting by unprivileged users attempting to craft team names; fixed in v0.20.1. The CVE-2024-34699 entry shows CVSS 3.1 base score 6.5 (Medium) with Adjacent access, no privileges, user interaction none, and high availability impact. Remedi...
CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names.
GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...