CNNVD-202509-3942 Information

CNNVD ID

CNNVD-202509-3942

Related CVE

CVE-2025-59841

• CNNVD Published: 2025-09-25

Description (Chinese)

Flag Forge是FlagForge开源的一个易于使用的CTF平台。 Flag Forge 2.2.0版本至2.3.1之前版本存在代码问题漏洞，该漏洞源于会话失效处理不当，可能导致未经授权的操作。

Description (English)

Flag Forge is an easy-to-use CTF platform for the FlagForge open source. There is a code problem loophole in the pre-Flag Forge Version 2.2.0 to 2.3.1 versions, which stems from the mishandling of the session and may lead to unauthorized operations.

Hazard Level

Low

Vulnerability Type

代码问题

Affected Vendor

FlagForge

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/FlagForgeCTF/flagForge/commit/304b6c82a4f76871b336404b91e5cdd8a7d7d5bd https://github.com/FlagForgeCTF/flagForge/security/advisories/GHSA-h6pr-4cwv-6cjg

Patch

https://github.com/FlagForgeCTF/flagForge/releases