Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a
pre-authentication attack.
This issue affects Apache OFBiz: before 18.12.07.
[
{
"defaultStatus": "affected",
"product": "Apache OFBiz",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "18.12.07",
"status": "affected",
"version": "18.12.06",
"versionType": "custom"
}
]
}
]
www.openwall.com/lists/oss-security/2023/04/18/5
www.openwall.com/lists/oss-security/2023/04/18/9
www.openwall.com/lists/oss-security/2023/04/19/1
www.openwall.com/lists/oss-security/2023/04/19/6
lists.apache.org/thread/k8s76l0whydy45bfm4b69vq0mf94p3wc
ofbiz.apache.org/download.html
ofbiz.apache.org/security.html