CVE-2024-34699

Published May 14th, 2024

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in `v0.20.1`.

GZTimeWalker/GZCTF

The GZ::CTF project, an open source CTF platform.

GitHub

1.54K