2 matches found
GHSA-XRWR-FCW6-FMQ8 Weblate: SSRF via Project-Level Machinery Configuration
Impact A user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflec...
CVE-2026-34244 Weblate: SSRF via Project-Level Machinery Configuration
Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...