2 matches found
CVE-2021-41261
CVE-2021-41261 affects Galette prior to version 0.9.6, where a stored cross-site scripting vulnerability exists in the preferences footer that can be modified by a site admin. The issue has been fixed in 0.9.6; upgrade all installations to that release. The public sources confirm the vulnerabilit...
CVE-2021-41261 Stored Cross-site Scripting in Galette
Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to stored cross site scripting attacks via the preferences footer. The preference footer can only be altered by a site admin. This issue has been...