漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Weblate lacks rate limiting when verifying second factor
Vulnerability Description
Weblate is a web based localization tool. Prior to version 5.12, the verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing. This issue has been patched in version 5.12.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
Weblate 安全漏洞
Vulnerability Description
Weblate是Weblate开源的一个 Copyleft 的基于 web 的自由软件持续本地化系统。 Weblate 5.12之前版本存在安全漏洞,该漏洞源于第二因素验证未进行速率限制,可能导致OTP猜测。
CVSS Information
N/A
Vulnerability Type
N/A