CNNVD-202512-3811 Information

CNNVD ID

CNNVD-202512-3811

Related CVE

CVE-2025-58052

• CNNVD Published: 2025-12-19

Description (Chinese)

Galette是Galette开源的一个面向非营利组织的会员管理网络应用程序。 Galette 0.9.6版本至1.2.0之前版本存在安全漏洞，该漏洞源于组管理员可绕过限制，可能导致未经授权的访问和更改。

Description (English)

Galette is a member-managed web application for non-profit organizations that is open to Galette. Prior to Galette versions 0.9.6 to 1.2.0, there was a security loophole, which stemmed from the fact that group administrators could circumvent restrictions and could lead to unauthorized access and change.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Galette

Published

2025-12-19

Last Modified

2026-02-24

References

https://github.com/galette/galette/security/advisories/GHSA-gp9g-gf56-fcxx https://access.redhat.com/security/cve/cve-2025-58052

Patch

https://galette.eu/site/