Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Galette has access control bypass
Vulnerability Description
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Galette 安全漏洞
Vulnerability Description
Galette是Galette开源的一个面向非营利组织的会员管理网络应用程序。 Galette 1.1.4版本至1.2.0之前版本存在安全漏洞,该漏洞源于组管理员可能绕过对贡献和交易的限制。
CVSS Information
N/A
Vulnerability Type
N/A