216.73.217.86

CVE-2025-48884

· Published 04/11/2025 21:15 · Modified 10/11/2025 18:13

Labels: CVE-2025-48884 2025-11-04CVE-2025-48884CWE-79CWE-80[email protected]

Essential information

Published
04/11/2025 21:15
Modified
10/11/2025 18:13
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable to Cross-site Scripting. This issue is fixed in version 1.2.0.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
galette / galette cpe:2.3:a:galette:galette:*:*:*:*:*:*:*:*
galette / galette cpe:2.3:a:galette:galette:1.2.0:alpha:*:*:*:*:*:*

References