CNNVD-202510-005 Information

CNNVD ID

CNNVD-202510-005

CVE-2025-61587

  • CNNVD Published: 2025-10-01

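Description (translated from Chinese)

Weblate is a copyleft, web-based free software continuous localization system, open-sourced by Weblate. Weblate 5.13.2 and earlier versions contain a security vulnerability, which stems from an open redirect in the redir parameter and may lead to redirection to an attacker-controlled site.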

Description (English)

Weblate is an open-source, web-based, copyleft continuous localization system from Weblate. Weblate 5.13.2 and earlier versions contain a security vulnerability that stems from an open redirect in the redir parameter, which may lead to redirection to an attacker-controlled site.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Weblate

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/WeblateOrg/docker/commit/76518342f65b8af8c2b7f7c5d37f84813c1253a1
https://github.com/WeblateOrg/weblate/commit/6b3d73a310279b5630bca8cbd9ea0be28bc67b63
https://github.com/WeblateOrg/weblate/commit/ec3b900f8a52c5c992d9e7014f09397e159ac381
https://github.com/WeblateOrg/weblate/security/advisories/GHSA-3xhv-r4gx-xw99
