Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, non-admin users can create arbitrary challenges, potentially introducing malicious, incorrect, or misleading content. This issue has been patched in version 2.2.0.
References
Link | Resource |
---|---|
https://github.com/FlagForgeCTF/flagForge/security/advisories/GHSA-q7pg-qchv-3pc5 | Vendor Advisory |
Configurations
History
08 Oct 2025, 16:35
Type | Values Removed | Values Added |
---|---|---|
First Time |
Flagforge
Flagforge flagforge |
|
References | () https://github.com/FlagForgeCTF/flagForge/security/advisories/GHSA-q7pg-qchv-3pc5 - Vendor Advisory | |
CPE | cpe:2.3:a:flagforge:flagforge:2.1.0:*:*:*:*:*:*:* |
23 Sep 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-09-23 21:15
Updated : 2025-10-08 16:35
NVD link : CVE-2025-59826
Mitre link : CVE-2025-59826
CVE.ORG link : CVE-2025-59826
JSON object : View
Products Affected
flagforge
- flagforge
CWE
CWE-862
Missing Authorization