all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Weblate vulnerabler to improper sanitization of project backupsWeblate is a w...

Add to bookmarks
July 1, 2024, 6:46 p.m. |

CVE | THREATINT - NEW cve.threatint.com

Weblate is a web based localization tool. Prior to version 5.6.2, Weblate didn't correctly validate filenames when restoring project backup. It may be possible to gain unauthorized access to files ...

access backup files localization may project tool unauthorized unauthorized access version web

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 8 hours ago | cve.threatint.com
amp app file found +7
Red Lion Europe: mbNET.mini vulnerable to OS command injectionA high privileg... 8 hours ago | cve.threatint.com
attacker can command commands +8
Uncontrolled Resource Consumption vulnerability in MESbookUncontrolled Resour... 9 hours ago | cve.threatint.com
attacker can code inject +8
Information exposure vulnerability vulnerability in MESbookInformation exposu... 9 hours ago | cve.threatint.com
access api attacker changing +8
playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 10 hours ago | cve.threatint.com
amp app file found +5
Limited DoS due to permitting creating users with user-defined IDsMattermost ... 12 hours ago | cve.threatint.com
attacker defined dos fail +2
RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x... 12 hours ago | cve.threatint.com
access attacker audit audit logs +7
Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve... 12 hours ago | cve.threatint.com
attacker defined fail ids +3
Timing attack during remote cluster token comparison when shared channels are... 12 hours ago | cve.threatint.com
attack cluster fail mattermost +4

Jobs in InfoSec / Cybersecurity

Find Talent

DHS Architecture Engineering Support

@ General Dynamics Information Technology | USA VA Home Office (VAHOME)
View on infosec-jobs.com

AWS DevOps Engineer

@ Booz Allen Hamilton | USA, VA, Alexandria (6361 Walker Ln)
View on infosec-jobs.com

Senior Engineering Manager | SI&WS

@ Boeing | USA - Saint Charles, MO
View on infosec-jobs.com

SOFTWARE ENGINEER III - Java Full Stack

@ Walmart | IN TN CHENNAI Home Office RMZ Millenia Biz Park
View on infosec-jobs.com

Senior, Software Engineer - Java Lead

@ Walmart | IN TN CHENNAI Home Office RMZ Millenia Biz Park
View on infosec-jobs.com

Full Stack Software Engineer (Associate/Mid-Level))

@ Boeing | USA - Mountain View, CA
View on infosec-jobs.com