CVE-2024-11716 | CTFd up to 3.7.4 Bracket CTFd/schemas/users.py validate_bracket_id access control

Inserito da Angelo Barbosa | Dic 31, 2024 | CVE

A vulnerability, which was classified as problematic, was found in CTFd up to 3.7.4. This affects the function validate_bracket_id of the file CTFd/schemas/users.py of the component Bracket Handler. The manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2024-11716. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-11716 | CTFd up to 3.7.4 Bracket CTFd/schemas/users.py validate_bracket_id access control

Post correlati

CVE-2024-30405 | Juniper Junos OS up to 23.2R1 on SRX5000 ALG buffer size (JSA79105)

CVE-2024-6038 | gaizhenbiao ChuanhuChatGPT filter_history keyword permissive regular expression

CVE-2024-30520 | Labib Ahmed Carousel Anything for WPBakery Page Builder Plugin cross site scripting

CVE-2024-46868 | Linux Kernel up to 6.10.10 uefisecapp qcuefi_acquire deadlock (8c6a5a1fc02a/db213b0cfe32)