CVSS 3.1 Score 7.5 of 10 (high)


Published Mar 6, 2024
CWE ID 863


CVE-2024-24761 is a vulnerability in the Galette membership management web application for non-profit organizations. The issue affects versions 1.0.0 and prior to version 1.0.2, where public pages are by default restricted to administrators and staff members only, but can be configured to allow access to up-to-date members or everyone. The vulnerability has a base severity rating of HIGH, with a base score of 7.5, indicating a significant potential danger to organizations. However, it requires no privileges and no user interaction to exploit, making it easier for attackers to gain unauthorized access and potentially compromise the confidentiality of the system. The vulnerability can be remediated by updating to version 1.0.2 or later.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24761 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options