VYPR
Medium severity6.5OSV Advisory· Published May 14, 2024· Updated Apr 15, 2026

CVE-2024-34699

CVE-2024-34699

Description

GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged user can perform cross-site scripting attacks on other users by constructing malicious team names. This problem has been fixed in v0.20.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Gztimewalker/GzctfOSV2 versions
    v0.1.1, v0.1.2, v0.1.3, …+ 1 more
    • (no CPE)range: v0.1.1, v0.1.2, v0.1.3, …
    • (no CPE)range: <0.20.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.