CNNVD-202511-126 Information

CNNVD ID

CNNVD-202511-126

Related CVE

CVE-2025-48884

• CNNVD Published: 2025-11-04

Description (Chinese)

Galette是Galette开源的一个面向非营利组织的会员管理网络应用程序。 Galette 1.1.5.2及之前版本存在安全漏洞，该漏洞源于Document Type容易受到跨站脚本攻击。

Description (English)

Galette is a member-managed web application for non-profit organizations that is open to Galette. Galette 1.1.5.2 and previous versions had a security loophole, which stemmed from the vulnerability of Document Type to cross-site attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Galette

Published

2025-11-04

Last Modified

2026-02-24

References

https://github.com/galette/galette/security/advisories/GHSA-3rc3-rc5x-vmr4 https://access.redhat.com/security/cve/cve-2025-48884

Patch

https://github.com/galette/galette