CVE-2025-53922

Low CVSS: 1.3

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue.

Vendor

Galette

Product

Galette

CWE

CWE-863

Yayın Tarihi

2025-12-19 16:15:56

Güncelleme

2026-01-02 14:55:01

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-863 Galette LOW Galette 2025

Referanslar

https://github.com/galette/galette/security/advisories/GHSA-5jp7-5c38-3pv6

Benzer Kayıtlar

Medium

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to…

Medium

CVE-2025-58053

Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating…

Medium

CVE-2025-48076

Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user…

Medium

CVE-2025-48884

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette'…