CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24885 – pwn.college has a XSS on dojo pages
https://notcve.org/view.php?id=CVE-2025-24885
30 Jan 2025 — pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom (unprivileged) dojo pages causes ability for users to create stored XSS. • https://github.com/pwncollege/dojo/security/advisories/GHSA-8m79-rmhw-rg84 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-284: Improper Access Control •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24886 – pwn.college has Symlink LFI in Dojo repos
https://notcve.org/view.php?id=CVE-2025-24886
30 Jan 2025 — pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users (admin not required) to perform an LFI from the CTFd container. When a user clones or updates repositories, a check is performed to see if the repository had contained any symlinks. A malicious user could craft a repository with symlinks pointed to sensitive files and then retrieve them using the CTFd website. • https://github.com/pwncollege/dojo/security/advisories/GHSA-fcq8-jqq5-9xmh • CWE-61: UNIX Symbolic Link (Symlink) Following CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •