Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tolgee' API keys created by server admin users bypass the permission check
Vulnerability Description
Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced in v3.57.2 and immediately fixed in v3.57.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Tolgee 安全漏洞
Vulnerability Description
Tolgee是一个开源的多语言翻译和本地化平台,旨在帮助开发团队轻松管理和维护多语言的软件应用程序和网站。 Tolgee v3.57.2版本存在安全漏洞,该漏洞源于允许攻击者使用服务器管理员创建的API密钥绕过权限检查。
CVSS Information
N/A
Vulnerability Type
N/A