PT-2024-17207 · Ctfd · Ctfd
Name of the Vulnerable Software and Affected Versions: CTFd versions prior to 3.7.5 Description: The issue concerns tokens used for account activation and password resetting in CTFd, which can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter...