PT-2020-15180 · Apache · Apache Ofbiz
Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions 16.11.01 through 16.11.07 Description: The issue allows for XSS attacks due to unsanitized data sent with the contentId to the "/control/stream" API endpoint. Recommendations: For Apache OFBiz versions 16.11.01 through...