CVE-2025-58053

Medium CVSS: 4.9

Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue.

Vendor

Galette

Product

Galette

CWE

CWE-269

Yayın Tarihi

2025-12-19 17:15:52

Güncelleme

2026-01-05 17:59:50

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-269 Galette MEDIUM Galette 2025

Referanslar

https://github.com/galette/galette/security/advisories/GHSA-r7x8-6r56-498r

Benzer Kayıtlar

Medium

CVE-2025-58052

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to…

Low

CVE-2025-53922

Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to…

Medium

CVE-2025-48076

Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user…

Medium

CVE-2025-48884

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette'…