← volver
CVE-2025-58352

Weblate has long session expiry times during second factor verification

CVSS 2.1 LOWEPSS 0.3%CWE-613
Weblate is a web based localization tool. Versions lower than 5.13.1 contain a vulnerability that causes long session expiry during the second factor verification. The long session expiry could be used to circumvent rate limiting of the second factor. This issue is fixed in version 5.13.1.
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
WeblateOrg · weblate

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/WeblateOrg/weblate/commit/0b46fe596231dd456283ead66699ae5516f23908https://github.com/WeblateOrg/weblate/pull/16002https://github.com/WeblateOrg/weblate/security/advisories/GHSA-377j-wj38-4728