Описание
Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and insert an XSS payload. This issue is fixed in version 1.2.0.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.0 (исключая)
Одно из
cpe:2.3:a:galette:galette:*:*:*:*:*:*:*:*
cpe:2.3:a:galette:galette:1.2.0:alpha:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-87
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
3 месяца назад
Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and insert an XSS payload. This issue is fixed in version 1.2.0.
CVSS3: 5.4
debian
3 месяца назад
Galette is a membership management web application for non profit orga ...
EPSS
Процентиль: 12%
0.00041
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-87
CWE-79