CVE-2025-58053
Privilege Escalation via Forged POST in Galette

Publication date: 2025-12-19

Last updated on: 2025-12-19

Assigner: GitHub, Inc.

Description
Galette is a membership management web application for non-profit organizations. Prior to version 1.2.0, a user updating an existing account with a self-forged POST request can obtain higher privileges than the account was granted. Version 1.2.0 fixes the issue.
Meta Information
Generated: 2026-06-16
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
One associated CPE:
Vendor: galette
Product: galette
Version / Range: * (the CPE entry is unbounded; per the description, versions prior to 1.2.0 are affected and 1.2.0 and later are fixed)
CWE
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Detection Guidance

A forged account-update POST is a syntactically normal form submission that differs from a legitimate one only in the fields it carries, and on most deployments it travels over TLS, so network capture is of limited use. A tcpdump filter for TCP segments that carry payload, for example tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)', shows POST bodies only on plaintext HTTP and cannot by itself tell a forged body from a genuine one. The usable signals are server-side. Review web server access logs for POST requests to the account-update endpoints of Galette versions prior to 1.2.0, paying attention to submissions without a Referer, with non-browser User-Agent strings, from unexpected addresses, or from accounts that would not normally edit the targeted record. More decisively, compare the privilege-bearing attributes of member records (administrator or staff status) before and after such requests: a non-administrative account acquiring those attributes is the outcome this vulnerability produces, whatever the request looked like. No specific detection commands or signatures are provided in the available resources. [1]
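The server-side approach above, as an added example that is not from the advisory and not Galette's code: it parses constructed combined-format access log lines, diffs two constructed snapshots of the privilege-bearing columns, and reports the POSTs to the update route that targeted a member who gained privileges. The route pattern /member/edit/<id> and the column names is_admin and is_staff are assumptions standing in for the real route and schema.

```python
"""
Added example for the detection guidance above; it is not from the advisory and
not Galette's code. The access-log lines and the member snapshots are constructed
sample data. The member-update URL pattern /member/edit/<id> and the field names
is_admin / is_staff are ASSUMPTIONS standing in for the real route and columns.
"""
import re
from datetime import datetime

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
EDIT_PATH_RE = re.compile(r"^/member/edit/(?P<id>\d+)$")  # assumed route
PRIV_FIELDS = ("is_admin", "is_staff")                     # assumed columns

# Constructed sample log: a normal browser edit of member 42, then a scripted
# POST to member 17 with no Referer and a non-browser User-Agent.
ACCESS_LOG = """\
203.0.113.7 - - [19/Dec/2025:10:00:01 +0000] "GET /member/edit/42 HTTP/1.1" 200 5120 "https://galette.example/members" "Mozilla/5.0"
203.0.113.7 - - [19/Dec/2025:10:00:09 +0000] "POST /member/edit/42 HTTP/1.1" 302 0 "https://galette.example/member/edit/42" "Mozilla/5.0"
198.51.100.9 - - [19/Dec/2025:10:03:40 +0000] "POST /member/edit/17 HTTP/1.1" 302 0 "-" "python-requests/2.32.3"
198.51.100.9 - - [19/Dec/2025:10:03:41 +0000] "GET /member/edit/17 HTTP/1.1" 200 5100 "-" "python-requests/2.32.3"
"""

# Constructed snapshots of the privilege-bearing columns, taken before and after
# the log window (for example from a nightly export of the members table).
BEFORE = {17: {"is_admin": False, "is_staff": False},
          42: {"is_admin": False, "is_staff": False}}
AFTER = {17: {"is_admin": True, "is_staff": False},
         42: {"is_admin": False, "is_staff": False}}


def parse_log(text):
    """Parse combined-format lines; lines that do not match are skipped, not guessed."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], TS_FMT)
        entries.append(e)
    return entries


def privilege_gains(before, after):
    """Members whose privilege flags went from unset to set between the snapshots."""
    gains = {}
    for mid, fields in after.items():
        old = before.get(mid, {})
        raised = [f for f in PRIV_FIELDS if fields.get(f) and not old.get(f)]
        if raised:
            gains[mid] = raised
    return gains


def analyze(log_text, before, after):
    """Correlate privilege gains with POSTs to the update route for that member.

    The gain itself is the primary signal: a forged POST is a well-formed form
    submission, so nothing in the request alone proves abuse. A missing Referer
    or a non-browser User-Agent is recorded as a secondary indicator only.
    """
    gains = privilege_gains(before, after)
    findings = []
    for e in parse_log(log_text):
        if e["method"] != "POST":
            continue
        m = EDIT_PATH_RE.match(e["path"])
        if not m:
            continue
        mid = int(m.group("id"))
        if mid not in gains:
            continue
        indicators = []
        if e["referer"] in ("-", ""):
            indicators.append("no-referer")
        if not e["ua"].startswith("Mozilla/"):
            indicators.append("non-browser-ua")
        findings.append({
            "member_id": mid,
            "gained": gains[mid],
            "ip": e["ip"],
            "time": e["ts"].isoformat(),
            "indicators": indicators,
        })
    return findings


if __name__ == "__main__":
    for finding in analyze(ACCESS_LOG, BEFORE, AFTER):
        print(finding)
```

The snapshot diff is the anchor because access logs do not record request bodies, so the privilege fields a forged POST carried are never visible there; the log only tells you which requests touched the member in the window. Against a real deployment, substitute the actual update route for EDIT_PATH_RE and feed two exports of the members table as BEFORE and AFTER.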

Executive Summary

CVE-2025-58053 is a privilege escalation vulnerability in the Galette membership management web application, classified as CWE-269 (improper privilege management). Before version 1.2.0, an attacker able to submit an account update could send a self-forged POST request to update an existing account and end up with higher privileges than intended, because the server honored privilege-affecting input in the update request that the normal form does not expose. Version 1.2.0 fixes the issue. [1]
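The mechanism the description and summary refer to, reduced to a model of the bug class (an added example, not Galette's code; the Member and Session types, the field names and both handlers are assumptions chosen to illustrate CWE-269, not Galette's real schema or routes):

```python
"""
Added example modelling the bug class the advisory describes (CWE-269); it is not
Galette's code. Member, Session, the field names and the handlers are ASSUMPTIONS
chosen to illustrate the pattern, not Galette's real schema or routes.
"""
from dataclasses import dataclass

PROFILE_FIELDS = {"name", "email"}           # fields a member may edit on their own record
PRIVILEGE_FIELDS = {"is_admin", "is_staff"}  # fields only an administrator may set


@dataclass
class Member:
    id: int
    name: str
    email: str
    is_admin: bool = False
    is_staff: bool = False


@dataclass
class Session:
    member_id: int
    is_admin: bool


def _check_target(session, target_id):
    """Common authorisation: a member may edit themselves; admins may edit anyone."""
    if session.member_id != target_id and not session.is_admin:
        raise PermissionError("cannot edit another member's account")


def update_member_vulnerable(db, session, target_id, form):
    """Vulnerable pattern: every field present in the POST body is written to the
    record. The HTML form shown to a plain member never renders is_admin, but
    nothing stops a client from adding it to the request body."""
    _check_target(session, target_id)
    member = db[target_id]
    for key, value in form.items():
        if key != "id" and hasattr(member, key):
            setattr(member, key, value)
    return member


def update_member_hardened(db, session, target_id, form):
    """Hardened pattern: the set of writable fields is derived from the caller's
    role on the server, never from what the request happens to contain.
    Privileged fields from a non-admin are rejected rather than silently
    dropped so the attempt surfaces in application logs."""
    _check_target(session, target_id)
    allowed = set(PROFILE_FIELDS)
    if session.is_admin:
        allowed |= PRIVILEGE_FIELDS
    forbidden = (set(form) - allowed) & PRIVILEGE_FIELDS
    if forbidden:
        raise PermissionError(
            f"privilege fields not permitted for this caller: {sorted(forbidden)}")
    member = db[target_id]
    for key in form.keys() & allowed:   # unknown non-privileged keys are ignored
        setattr(member, key, form[key])
    return member


def forged_post():
    """What a self-forged POST looks like: the normal profile fields plus a
    privilege field the rendered form never offered."""
    return {"name": "Mallory", "email": "mallory@example.org", "is_admin": True}


def escalates(handler):
    """Return True if a plain member ends up admin after sending the forged body."""
    db = {7: Member(7, "Mallory", "mallory@example.org")}
    session = Session(member_id=7, is_admin=False)
    try:
        handler(db, session, 7, forged_post())
    except PermissionError:
        pass  # the hardened handler refuses; the record is left unchanged
    return db[7].is_admin


if __name__ == "__main__":
    print("vulnerable handler escalates:", escalates(update_member_vulnerable))
    print("hardened handler escalates:  ", escalates(update_member_hardened))
```

The point of the hardened handler is that the allow-list is computed from the session's role, so the same request body is accepted from an administrator and refused from anyone else. In a real PHP or form-based application the posted values arrive as strings, so a checkbox field must be decoded explicitly (present and equal to the expected value) rather than by truthiness, or "0" would still set the flag.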

Impact Analysis

An attacker who can submit an account update can raise the privileges of the account being updated, including their own, beyond what was granted. With elevated rights in the Galette application they can reach functions and data reserved for privileged users, which can lead to unauthorized account modifications, exposure of member data, or misuse of administrative capabilities in the affected system. [1]

Mitigation Strategies

Upgrade Galette to version 1.2.0 or later, as this version fixes the privilege escalation caused by self-forged POST requests. [1] The upgrade does not revert changes already made through the flaw, so after upgrading, review existing accounts for administrator or staff privileges that cannot be accounted for, and confirm from a non-administrative session that the account-update endpoint refuses privilege-bearing fields submitted outside the rendered form.
