4 matches found
CVE-2022-25370
Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...
CVE-2022-25370
Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...
CVE-2022-25370 Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz
Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...
CVE-2022-25370
Summary: CVE-2022-25370 affects Apache OFBiz versions 18.12.05 and earlier, due to a vulnerability in the Birt plugin (Birt issue 538142) that enables an unauthenticated stored XSS attack. The attack can inject and execute a payload via the stored XSS vector. Affected software/component: Apache O...