3 matches found
PT-2026-22201
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.16.1 Description Weblate’s REST API AddonViewSet in weblate/api/views.py line 2831 did not properly restrict access to addon information based on user permissions. Specifically, the queryset = Addon.objects.all...
EUVD-2023-36950
Malicious code in bioql PyPI...
Improper Authorization in janeczku/calibre-web
Description With default settings, low-level users will not have permission to edit the sort order of books in private shelf of another user. However, due to incorrect checking, the application does not work as intended. Proof of Concept - Step 1: Login with admin account and go to...