PT-2020-18380 · Redpwn · Redpwnctf

Arinerron · Published 2020-04-01 · Updated 2020-04-03 · CVE-2020-5290

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: RedpwnCTF versions prior to 2.3

Description: The issue is a session fixation vulnerability that can be exploited through the #token=$ssid hash passed in a request to the "/verify" endpoint. An attacker could steal flags by planting a stored XSS payload in a CTF challenge that causes victim teams to be signed into the attacker's account without their knowledge, so that the attacker gains points from the victims' flag submissions.

Recommendations: For versions prior to 2.3, update to version 2.3, which resolves the issue. As a temporary workaround until the update is applied, restrict access to the "/verify" endpoint or disable the use of the #token=$ssid hash.
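As an added example (not RedpwnCTF's own code), the following JavaScript models the client-side step of a fragment-based "/verify#token=..." flow: a weak handler that adopts whatever token the URL carries, next to a hardened one that never silently replaces an existing session and exchanges a one-time verification token for a freshly issued session. The function names, the storage object and the exchange stub are assumptions.

```javascript
// Added example; hypothetical model of a fragment-based verify flow,
// not the real project's handler.

// Parse "#token=<value>" out of a location hash; null if absent.
function parseFragmentToken(hash) {
  const m = /^#(?:.*&)?token=([^&]+)/.exec(hash || "");
  return m ? decodeURIComponent(m[1]) : null;
}

// Weak pattern: the value in the fragment becomes the session directly,
// even when the browser already holds a session for another team.
// A link or script that lands a victim on "/verify#token=<attacker's
// session>" therefore fixes the victim's session to the attacker's.
function verifyWeak(storage, hash) {
  const token = parseFragmentToken(hash);
  if (token) storage.session = token;
  return storage.session;
}

// Hardened pattern (one possible mitigation, assumed here):
//  - an existing session is never replaced without explicit sign-out;
//  - the fragment carries a one-time verification token that the server
//    validates, consumes and swaps for a fresh session, so the URL value
//    never is the session identifier itself.
function verifyHardened(storage, hash, exchange) {
  const token = parseFragmentToken(hash);
  if (!token) return { ok: false, reason: "no token" };
  if (storage.session) return { ok: false, reason: "already signed in" };
  const fresh = exchange(token);
  if (!fresh) return { ok: false, reason: "invalid or reused token" };
  storage.session = fresh;
  return { ok: true };
}

// Constructed stand-in for the server side: maps one-time verification
// tokens to account names; each exchange mints a new session and burns
// the token so it cannot be replayed.
function makeExchange(valid) {
  const used = new Set();
  return (token) => {
    if (!valid.has(token) || used.has(token)) return null;
    used.add(token);
    return "sess-" + valid.get(token) + "-" +
      Math.random().toString(36).slice(2);
  };
}
```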

References: Exploit · Fix

Weakness Enumeration: Session Fixation

Related Identifiers: CVE-2020-5290, GHSA-P5FH-2VHW-FVPQ

Affected Products: Redpwnctf