← voltar
CVE-2025-58352

Weblate has long session expiry times during second factor verification

CVSS 2.1 LOWEPSS 0.3%CWE-613
Weblate is a web based localization tool. Versions lower than 5.13.1 contain a vulnerability that causes long session expiry during the second factor verification. The long session expiry could be used to circumvent rate limiting of the second factor. This issue is fixed in version 5.13.1.
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
WeblateOrg · weblate

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/WeblateOrg/weblate/commit/0b46fe596231dd456283ead66699ae5516f23908https://github.com/WeblateOrg/weblate/pull/16002https://github.com/WeblateOrg/weblate/security/advisories/GHSA-377j-wj38-4728