Vulnerability Details CVE-2025-59932
Flag Forge is a Capture The Flag (CTF) platform. From versions 2.0.0 to before 2.3.1, the /api/resources endpoint previously allowed POST and DELETE requests without proper authentication or authorization. This could have enabled unauthorized users to create, modify, or delete resources on the platform. The issue has been fixed in FlagForge version 2.3.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.1%
CVSS Severity
CVSS v3 Score 8.6