All 10 CVE vulnerabilities found in galette, with AI-generated Chinese analysis, references, and POCs.
Vendor: galette
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-58053 | Galette has a privilege escalation vulnerability | CWE-269 | 8.8 (AI) | High (AI) | 2025-12-19 |
| CVE-2025-58052 | Galette has groups managers access control bypass on Members | CWE-863 | 6.5 (AI) | Medium (AI) | 2025-12-19 |
| CVE-2025-53922 | Galette has access control bypass | CWE-863 | 2.7 (AI) | Low (AI) | 2025-12-19 |
| CVE-2025-48884 | Galette is vulnerable to XSS through Document Type | CWE-80 | 6.1 (AI) | Medium (AI) | 2025-11-04 |
| CVE-2025-48076 | Galette is vulnerable to Cross-site Scripting | CWE-87 | 5.4 (AI) | Medium (AI) | 2025-11-04 |
| CVE-2024-24761 | Galette public pages accessibility restriction | CWE-863 | 7.5 | High | 2024-03-06 |
| CVE-2021-41261 | Stored Cross-site Scripting in Galette | CWE-79 | 8.1 | High | 2021-12-16 |
| CVE-2021-41262 | SQL Injection in Galette | CWE-89 | 8.8 | High | 2021-12-16 |
| CVE-2021-41260 | Missing CSRF checks in Galette | CWE-352 | 8.2 | High | 2021-12-16 |
| CVE-2021-21319 | Several stored XSS | CWE-79 | 6.8 | Medium | 2021-10-25 |