Lucene search
+L

4 matches found

nvd
nvd
added 2024/05/14 3:39 p.m.17 views

CVE-2024-34699

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...

6.5CVSS6.2AI score0.0055EPSS
Exploits0References2
cve
cve
added 2024/05/13 7:1 p.m.48 views

CVE-2024-34699

GZ::CTF (prior to v0.20.1) is vulnerable to cross-site scripting by unprivileged users attempting to craft team names; fixed in v0.20.1. The CVE-2024-34699 entry shows CVSS 3.1 base score 6.5 (Medium) with Adjacent access, no privileges, user interaction none, and high availability impact. Remedi...

6.5CVSS6AI score0.0055EPSS
Exploits0References2
osv
osv
added 2024/05/13 7:1 p.m.18 views

CVE-2024-34699 GZ::CTF allows unprivileged user can perform XSS attacks by constructing malicious team names.

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1...

6.5CVSS6.2AI score0.0055EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/05/13 12:0 a.m.7 views

PT-2024-26116 · Gz::Ctf · Gz::Ctf

Name of the Vulnerable Software and Affected Versions: GZ::CTF versions prior to 0.20.1 Description: The issue allows an unprivileged user to perform cross-site scripting attacks on other users by constructing malicious team names. Recommendations: For versions prior to 0.20.1, update to version...

6.5CVSS6.6AI score0.0055EPSS
Exploits0References4
Rows per page
Query Builder