CVE-2026-47342

CVE-2026-47342 affects Apache OFBiz prior to 24.09.07 and is a privilege-escalation via updateOrRemove authorization bypass. The issue allows a low-privileged authenticated user to obtain higher privileges. The advisory recommends upgrading to 24.09.07 to fix the vulnerability. CVSS 3.1 base scor...

CVE-2026-47342 Apache OFBiz: Privilege Escalation via updateOrRemove Authorization Bypass

A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges This issue affects Apache OFBiz: before 24.09.07. Users are recommended to upgrade to version 24.09.07, which fixes the issue...

PT-2026-48575

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 24.09.07 Description A privilege escalation issue in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges. This is achieved through an authorization bypass in the updateOrRemove...

Apache OFBiz 授权问题漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.07 had an authorization vulnerability; this vulnerability stemmed from an issue wi...