CVE-2025-48076

Medium CVSS: 5.3

Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and insert an XSS payload. This issue is fixed in version 1.2.0.

Vendor

Galette

Product

Galette

CWE

CWE-87

Yayın Tarihi

2025-11-04 21:15:37

Güncelleme

2025-11-10 18:14:15

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-87 Galette MEDIUM Galette 2025

Referanslar

https://github.com/galette/galette/security/advisories/GHSA-ccwq-mxx3-chvh

Benzer Kayıtlar

Medium

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to…

Medium

CVE-2025-58053

Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating…

Low

CVE-2025-53922

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to…

Medium

CVE-2025-48884

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette'…