Unrated severityNVD Advisory· Published Oct 5, 2020· Updated Aug 4, 2024
Sensitive data exposure in RACTF
CVE-2020-15235
Description
In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd(3/10/20) are patched.
Affected products
2- ractf/corev5Range: < f3dc89b
Patches
Vulnerability mechanics
References
2- github.com/ractf/core/commit/f3dc89b9f6ab1544a289b3efc06699b13d63e0bdmitrex_refsource_MISC
- github.com/ractf/core/security/advisories/GHSA-ph67-c355-52vmmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.