Primary

Context

Galette Privilege Escalation Vulnerability

Vulnerability

Patched

A privilege escalation vulnerability exists in Galette versions prior to 1.2.0. By sending a self-forged POST request to update an existing account, a user can gain higher privileges. This issue has been addressed in version 1.2.0.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a user to gain elevated rights or access within the application.

Remediation

Users are advised to upgrade to Galette version 1.2.0.

Added: Dec 19, 2025, 5:22 PM

Updated: Dec 19, 2025, 6:06 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

5.0

exploitability

4.8

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

5.0

exploitability

4.8

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Galette Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Galette

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating