Home > Vulnerability Database > WS-2022-0457

Mend.io Vulnerability Database

WS-2022-0457

Good to know:

Date: November 20, 2022

No rate limiting for Remove Account lead to huge Mass mailings in Weblate up to 4.14.1. In versions 4.14.2 and above, it now limits number of sent out e-mails as well, not only number of password guesses.

Language: Python

Severity Score

5.7

Related Resources (2)

Url: https://github.com/WeblateOrg/weblate/commit/d8bc72fea1dc499be85dddfe449bf225d9741fff

Url: https://www.mend.io/vulnerability-database/WS-2022-0457

Severity Score

5.7

Weakness Type (CWE)

Improper Enforcement of Behavioral Workflow

CWE-841

Top Fix

Upgrade Version

Upgrade to version Weblate - 4.14.2

Learn More

CVSS v3.1

Base Score:	5.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2022-0457

Good to know:

Date: November 20, 2022

Language: Python

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?