Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FlagForgeCTF Vulnerable to Unauthorized Problem Creation
Vulnerability Description
Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, non-admin users can create arbitrary challenges, potentially introducing malicious, incorrect, or misleading content. This issue has been patched in version 2.2.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Vulnerability Type
授权机制缺失
Vulnerability Title
Flag Forge 安全漏洞
Vulnerability Description
Flag Forge是FlagForge开源的一个易于使用的CTF平台。 Flag Forge 2.1.0版本存在安全漏洞,该漏洞源于非管理员用户可以创建任意挑战,可能导致恶意、错误或误导性内容。
CVSS Information
N/A
Vulnerability Type
N/A