Описание
Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 18%
0.00056
Низкий
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
около 2 месяцев назад
Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue.
CVSS3: 9.8
debian
около 2 месяцев назад
Galette is a membership management web application for non profit orga ...
EPSS
Процентиль: 18%
0.00056
Низкий
9.8 Critical
CVSS3