Weblate vulnerable to XSS via crafted Markdown
The Markdown renderer used in user comments and other user-provided content didn't properly sanitize some attributes.
The screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user.
An authenticated user with project.add permission (default on hosted Weblate SaaS and for any user holding an active billing/trial plan) can import a crafted project backup ZIP whose components/<name>.json contains an attacker-chosen repo URL pointing at a private address (e.g. http://127.0.0.1:9999/) or using a non-allow-listed scheme (e.g. file://, git://). Weblate persists the component via Component.objects.bulk_create([component])[0], which bypasses Django's full_clean() and therefore never runs the validate_repo_url validator. The URL is subsequently …
When a user changes their password, browser sessions are correctly invalidated via cycle_session_keys(), but DRF API tokens (wlu_* prefix) stored in authtoken_token are not revoked.
The webhook add-on did not utilize existing SSRF protection.
A user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflects up to 200 characters of the response body back to the user in an error message. This constitutes a Server-Side Request Forgery (SSRF) with partial response read.
The project backup didn't filter Git and Mercurial configuration files and this could lead to remote code execution under certain circumstances.
The user patching API endpoint didn't properly limit the scope of edits.
Weblate repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses startswith against the repository root path. This is not path-segment aware and can be bypassed when the external path shares the same string prefix as the repository path (for example, repo and repo_outside).
The translation memory API exposed unintended endpoints, which in turn didn't do proper access control.
The API for tasks didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to the given scope.
The ALLOWED_ASSET_DOMAINS setting applied only to the first issued request and didn't restrict the redirects that followed it.
The ZIP download feature didn't verify the downloaded files and could follow symlinks pointing outside the repository.
Users were able to obtain add-on configuration via API.
The SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add.
The screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename.
It was possible to overwrite Git configuration remotely and override some of its behavior.
It was possible to read arbitrary files from the server file system using crafted symbolic links in the repository.
It was possible to trigger repository updates for many repositories via a crafted webhook payload.
It was possible to retrieve user notification settings or list all users via API.
It was possible to accept an invitation opened by a different Weblate user.
Weblate leaks the IP address of the project member inviting the user to the project in the audit log.
The verification of the second factor had too long a session expiry. The long session expiry could be used to circumvent rate limiting of the second factor.
The verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing.
The audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters.
When creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code repository URL contains GitHub credentials, the confidential PAT and username are shown in plaintext and get saved into browser history. Moreover, if the request URL is logged, the credentials are written to …
Weblate didn't correctly validate filenames when restoring a project backup. It may be possible to gain unauthorized access to files on the server using a crafted ZIP file.
The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-23915. Reason: This candidate is a reservation duplicate of CVE-2022-23915. Notes: All CVE users should reference CVE-2022-23915 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Weblate didn't correctly sanitize some arguments passed to Git and Mercurial, which allowed changing their behavior in an unintended way.
Due to improper neutralization, it was possible to perform cross-site scripting via crafted user and language names.