Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multi Factor Authentication Token Improperly Validated On User Login
Vulnerability Description
RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
RATCF 授权问题漏洞
Vulnerability Description
RATCF是一个用于托管Cyber-Security Capture the Flag事件的开源框架。 RATCF 存在授权问题漏洞,该漏洞源于启用多因素身份验证的用户可以在没有有效令牌的情况下登录。
CVSS Information
N/A
Vulnerability Type
N/A