Vulnerabilidades en CTFd
2 resultadosCVE-2024-11716MEDIUMWhile assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation alEPSS 11.7%CVE-2024-11717MEDIUMTokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sentEPSS 0.6%