CVE-2023-33386

Name of the Vulnerable Software and Affected Versions MarsCTF version 1.2.1

Description The issue is related to an arbitrary file upload vulnerability in the interface for uploading attachments in the background. This allows for potential malicious file uploads.

Recommendations For MarsCTF version 1.2.1, consider restricting access to the attachment upload interface in the background until a fix is available. As a temporary workaround, disabling the file upload functionality can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.