PT-2025-36103 · Weblate · Weblate

Nahid Hasan Limon · Published 2025-09-04 · Updated 2025-09-05 · CVE-2025-58352

CVSS v4.0: 2.1

Vector: AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions:

Weblate versions prior to 5.13.1

Description:

Weblate is a web-based localization tool. Versions prior to 5.13.1 are susceptible to a second-factor authentication bypass due to a long session expiry during the second-factor verification process. This long session expiry could be used to circumvent rate limiting of the second factor.

Recommendations:

Update to Weblate version 5.13.1 or later.

Fix

Insufficient Session Expiration

Weakness Enumeration

Related Identifiers

CVE-2025-58352

Affected Products

Weblate