CVE-2025-48884

Medium CVSS: 5.3

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable to Cross-site Scripting. This issue is fixed in version 1.2.0.

Vendor

Galette

Product

Galette

CWE

CWE-80

Yayın Tarihi

2025-11-04 21:15:37

Güncelleme

2025-11-10 18:13:05

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-80 Galette MEDIUM Galette 2025

Referanslar

https://github.com/galette/galette/security/advisories/GHSA-3rc3-rc5x-vmr4

Benzer Kayıtlar

Medium

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to…

Medium

CVE-2025-58053

Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating…

Low

CVE-2025-53922

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to…

Medium

CVE-2025-48076

Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user…