mirror of
https://github.com/aljazceru/CTFd.git
synced 2025-12-18 22:44:24 +01:00
d59bfa3578
2.2.3 / 2020-01-21 ================== ### This release includes a critical security fix for CTFd versions >= 2.0.0 All CTFd administrators are recommended to take the following steps: 1. Upgrade their installations to the latest version 2. Rotate the `SECRET_KEY` value 3. Reset the passwords for all administrator users **Security** * This release includes a fix for a vulnerability allowing an arbitrary user to take over other accounts given their username and a CTFd instance with emails enabled **General** * Users will receive an email notification when their passwords are reset * Fixed an error when users provided incorrect team join information