CNNVD-202512-3771 Information

CNNVD ID

CNNVD-202512-3771

Related CVE

CVE-2025-53922

• CNNVD Published: 2025-12-19

Description (Chinese)

Galette是Galette开源的一个面向非营利组织的会员管理网络应用程序。 Galette 1.1.4版本至1.2.0之前版本存在安全漏洞，该漏洞源于组管理员可能绕过对贡献和交易的限制。

Description (English)

Galette is a member-managed web application for non-profit organizations that is open to Galette. There was a security loophole in Galette, versions 1.1.4 to 1.2.0, which stemmed from the fact that group administrators might circumvent restrictions on contributions and transactions.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Galette

Published

2025-12-19

Last Modified

2026-02-24

References

https://github.com/galette/galette/security/advisories/GHSA-5jp7-5c38-3pv6 https://access.redhat.com/security/cve/cve-2025-53922

Patch

https://galette.eu/site/