Quehill

**Name of the Vulnerable Software and Affected Versions** Weblate versions prior to 5.6.2 **Description** Weblate is a web-based localization tool that did not correctly validate filenames when restoring project backups. This may allow unauthorized access to files on the server using a crafted ZIP file. **Recommendations** For versions prior to 5.6.2, update to Weblate 5.6.2 to address the issue. As a temporary workaround, do not allow untrusted users to create projects.