CVE-2025-59833
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-10-08
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| flagforge | flagforge | From 2.1.0 (inc) to 2.3 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in Flag Forge versions 2.1.0 to before 2.3.0 is that the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object regardless of whether the user has unlocked them. This means users can view all hints for free without paying points, which breaks the intended business logic and reduces the integrity of the challenge system.
How can this vulnerability impact me?
This vulnerability allows users to access all challenge hints without restriction or payment, undermining the platform's business model and the fairness of the challenges. It can lead to loss of revenue and damage to the platform's reputation as a fair and secure CTF environment.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Flag Forge to version 2.3.0 or later, where the issue has been patched. Until then, restrict access to the API endpoint GET /api/problems/:id to trusted users only to prevent unauthorized viewing of challenge hints.
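One way to enforce the unlock check on the server for a response like the one GET /api/problems/:id returns, shown beside the leaking form. This is an added example, not Flag Forge's code or its actual patch; the field names (`hints`, `cost`, `text`) and the functions `serializeProblemUnsafe`, `serializeProblem` and `leakedHintIds` are assumptions made for illustration.

```javascript
// Constructed sample record; the field names (hints, cost, text) are
// assumptions, not Flag Forge's actual schema.
const problem = {
  id: "p1",
  title: "Warmup",
  description: "Find the flag.",
  hints: [
    { id: "h1", cost: 10, text: "Look at the response headers." },
    { id: "h2", cost: 25, text: "The cookie is base64." },
  ],
};

// Before: the stored document is returned as-is, so every hint's text
// reaches the client whether or not it has been paid for.
function serializeProblemUnsafe(doc) {
  return { ...doc };
}

// After: build the response from an allow-list of fields and include a
// hint's text only if this user has unlocked it. Locked hints expose only
// id and cost so the UI can still offer the purchase.
function serializeProblem(doc, unlockedHintIds) {
  const unlocked = new Set(unlockedHintIds || []);
  return {
    id: doc.id,
    title: doc.title,
    description: doc.description,
    hints: (doc.hints || []).map((h) =>
      unlocked.has(h.id)
        ? { id: h.id, cost: h.cost, unlocked: true, text: h.text }
        : { id: h.id, cost: h.cost, unlocked: false }
    ),
  };
}

// Regression check: returns the ids of hints whose text is present in a
// response although the user has not unlocked them.
function leakedHintIds(response, unlockedHintIds) {
  const unlocked = new Set(unlockedHintIds || []);
  return (response.hints || [])
    .filter((h) => typeof h.text === "string" && !unlocked.has(h.id))
    .map((h) => h.id);
}

console.log(leakedHintIds(serializeProblemUnsafe(problem), ["h1"])); // [ 'h2' ]
console.log(leakedHintIds(serializeProblem(problem, ["h1"]), ["h1"])); // []
```

A check like `leakedHintIds` can run in an API test suite against responses for a user with no unlocks, so a later change that reintroduces the full document in the response fails the build.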