OR
     *cpe:2.3:a:ctfd:ctfd:*:*:*:*:*:*:*:* versions from (including) 2.0.0 up to (including) 2.2.2

NIST (AV:N/AC:M/Au:N/C:P/I:P/A:P)

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST CWE-640

https://github.com/CTFd/CTFd/pull/1218 No Types Assigned

https://github.com/CTFd/CTFd/pull/1218 Third Party Advisory

https://github.com/CTFd/CTFd/releases/tag/2.2.3 No Types Assigned

https://github.com/CTFd/CTFd/releases/tag/2.2.3 Release Notes

Incorrect username validation in the registration processes of CTFd through 2.2.2 allows a remote attacker to take over an arbitrary account after initiating a password reset. This is related to register() and reset_password() in auth.py. To exploit the vulnerability, one must register with a username similar to the admin, but with spaces inserted before and after the username. This will register the account with the same username as the admin. After a reset of the password for this new account,

Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance. To exploit the vulnerability, one must register with a username identical to the victim's username, but with white space inserted before and/or after the username. This will register the account with the same username as the victim. After initiating a password reset for the new account, CTFd wi