Kevin Chung
Kevin Chung
Calling this SQL injection is a bit of a stretch unless you can query information about other tables. Notifications are currently intended to be borderline public. In the future they...
You are able to use manage.py to import via the CLI. Something like `python manage.py import_ctf export.zip`
I like the core idea but I think it will be a very difficult PR to land. I would consider it for maybe 3.7 or 4.0 release but you would...
I took a quick skim through your branch and I like the general idea. I think I would rather a few ideas: * Instead of storing translations in Python storing...
I think the code here is designed in a way so that we can capture the error and decide what to do with it. Some places in CTFd will surface...
An admin being able to get a user's token isn't really a vulnerability in the case of CTFd. An admin could just as easily reset the password ofa user and...
I get the idea here and see how it could be useful but I feel like this complicates a pretty simple solution. I prefer to view the plugins as self...
Hi I would recommend running CTFd from the Docker image because all the dependencies will be pre-installed for you already.
I actually have a need for the function you created so thanks for filing this! I do wonder if there's a way we could make use of the original query_string...
Hi there, thank you for creating a PR for this. What's unclear to me is shouldn't Azure's blob storage be API compatible with S3? I am pretty sure most object...