CNNVD-202512-3810 Information

CNNVD ID

CNNVD-202512-3810

Related CVE

CVE-2025-58053

• CNNVD Published: 2025-12-19

Description (Chinese)

Galette是Galette开源的一个面向非营利组织的会员管理网络应用程序。 Galette 1.2.0之前版本存在安全漏洞，该漏洞源于通过伪造POST请求可提升权限。

Description (English)

Galette is a member-managed web application for non-profit organizations that is open to Galette. There was a security loophole in the previous version of Galette 1.2.0, which arose from the ability to enhance authority by forging a POST request.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Galette

Published

2025-12-19

Last Modified

2026-02-24

References

https://github.com/galette/galette/security/advisories/GHSA-r7x8-6r56-498r https://access.redhat.com/security/cve/cve-2025-58053

Patch

https://galette.eu/site/