CVE-2025-59843

MEDIUM

Flag Forge <2.3.2 - Info Disclosure

Title source: llm

Description

Flag Forge is a Capture The Flag (CTF) platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/[username] returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public API responses while keeping the endpoint publicly accessible. Users should upgrade to version 2.3.2 or later to eliminate exposure. There are no workarounds for this vulnerability.

Exploits (1)

nomisec WORKING POC 1 stars

by At0mXploit · poc

https://github.com/At0mXploit/CVE-2025-59843-CVE-2025-59932

View Code ZIP pw:eip

References (4)

[Vendor Advisory] https://github.com/FlagForgeCTF/flagForge/security/advisories/GHSA-qqjv-8r5p-7xpj

[Patch] https://github.com/FlagForgeCTF/flagForge/commit/1b033f1b6e20fbf6df422d5d1afc9b2347528ace

[Various Sources] https://github.com/FlagForgeCTF/flagForge/compare/v2.3.1...v2.3.2

[Release Notes] https://github.com/FlagForgeCTF/flagForge/releases/tag/v2.3.1

Scores

CVSS v3 5.3

EPSS 0.0002

EPSS Percentile 3.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-359

Status published

Products (1)

flagforge/flagforge 2.0 - 2.3.1

Published Sep 26, 2025

Tracked Since Feb 18, 2026