If you think you have identified a security issue with a Weblate project, do not open a public issue.
To responsibly report a security issue, please navigate to the Security tab for the repository and click “Report a vulnerability”:
Be sure to include as much detail as necessary in your report. As with reporting normal issues, a minimal reproducible example will help the maintainers address the issue faster.
Only the latest release is guaranteed to receive security fixes.
The security advisory is typically published together with the release addressing the vulnerability.