CVE-2021-41260

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-41260

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41260.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-41260

Aliases

GHSA-hw28-c7px-xqm5

Downstream

UBUNTU-CVE-2021-41260

Published

2021-12-16T18:15:08.200Z

Modified

2026-05-16T03:55:01.916377195Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 do not check for Cross Site Request Forgery attacks. All users are advised to upgrade to 0.9.6 as soon as possible. There are no known workarounds for this issue.

References

https://github.com/galette/galette/security/advisories/GHSA-hw28-c7px-xqm5
https://github.com/galette/galette/commit/a5602bca2566f1be370631c3ab2d40feedd4b3ad

CVE-2021-41260

Affected packages