How severe is CVE-2024-11716?

This vulnerability has a severity rating of MEDIUM with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2024-11716?

This is classified as CWE-837, which is a common weakness in software security.

CVE-2024-11716 - MEDIUM Severity | CVSS N/A

Vulnerability Description

While assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releases from 3.7.0 up to 3.7.4 and was addressed by pull request 2636 https://github.com/CTFd/CTFd/pull/2636 included in 3.7.5 release.

Related Vulnerabilities

CVE-2023-6759

HIGH

CVSS:7.5(High)

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads t...

CWE-8372023

CVE-2024-11301

MEDIUM

CVSS:6.5(Medium)

In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to o...

CWE-8372024

CVE-2024-4629

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, att...

CWE-8372024

CVE-2023-6438

MEDIUM

CVSS:5.3(Medium)

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation lead...

CWE-8372023

CVE-2023-5313

LOW

CVSS:3.7(Low)

A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler...

CWE-8372023

CVE-2023-6467

LOW

CVSS:3.7(Low)

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like H...

CWE-8372023