Описание
Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.0 (исключая)
cpe:2.3:a:galette:galette:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-269
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 2 месяцев назад
Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue.
CVSS3: 9.8
debian
около 2 месяцев назад
Galette is a membership management web application for non profit orga ...
EPSS
Процентиль: 18%
0.00056
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-269
NVD-CWE-noinfo