Unrated severity · OSV Advisory · Published Dec 19, 2025 · Updated Dec 19, 2025
Galette has a privilege escalation vulnerability
CVE-2025-58053
Description
Galette is a membership management web application for non-profit organizations. Prior to version 1.2.0, one can gain higher privileges while updating any existing account with a self-forged POST request. Version 1.2.0 fixes the issue.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 1
- github.com/galette/galette/security/advisories/GHSA-r7x8-6r56-498r (mitre, x_refsource_CONFIRM)