CVE-2024-24761

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 6, 2024

CWE ID 863

Summary

CVE-2024-24761 is a vulnerability affecting the Galette membership management web application used by non-profit organizations. Prior to version 1.0.2, public pages were inadvertently restricted to administrators, staff members, and up-to-date members by default. This oversight could limit access to essential information for the general public. Version 1.0.2 addresses this issue with proper access configurations, ensuring public pages are available to all intended audiences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uVG78Q
https://www.cve.org/CVERecord?id=CVE-2024-24761
https://nvd.nist.gov/vuln/detail/CVE-2024-24761

Back to Vulnerability Database

CVE-2024-24761

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations