Tolgee Tolgee-platform
6 CVEs affecting Tolgee Tolgee-platform. Latest disclosed: 2026-03-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52297 | Critical | 9.8 | 2024-11-12 | Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users… |
CVE-2023-38510 | High | 8.1 | 2023-07-27 | Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fa… |
CVE-2024-32470 | Medium | 6.5 | 2024-04-18 | Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced i… |
CVE-2023-41316 | Medium | 5.5 | 2023-09-07 | Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. R… |
CVE-2024-32466 | Low | 2.7 | 2024-04-18 | Tolgee is an open-source localization platform. For the `/v2/projects/translations` and `/v2/projects/{projectId}/translations` endpoints, translation data was… |
CVE-2026-32251 | | 2026-03-12 | Tolgee is an open-source localization platform. Prior to 3.166.3, the XML parsers used for importing Android XML resources (.xml) and .resx files don't disable… |