Traversal
Medium
Web Security
Overview
SCENARIO
A note-taking app with a personal touch. Pick a thumbnail, write your thoughts, and keep everything secure behind JWT-authenticated sessions. The developer put real thought into the authentication system and is confident your notes stay private.
You have full access to the source code. There is more than one vulnerability here, and none of them are enough on their own. Read carefully, connect the dots, and chain what you find.
Flag format: flag{}
Infrastructure
- Docker Container — HTTP on port 5000
Provided Files
- Traversal.zip (1.0 MB)
Job Positions
Penetration Tester
Tags
- SQL Injection
- JWT
- Broken Access Control
- Directory Traversal
- OWASP Top 10