Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/06/05 7:49 p.m.10 views

CVE-2026-29207

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with...

6.5CVSS5.3AI score0.00541EPSS
Exploits0References1
cve
cve
added 2026/05/19 9:18 a.m.27 views

CVE-2026-29207

CVE-2026-29207 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06) and can enable an improper neutralization of template engine elements, with Low-Privilege server-side SSTI that can lead to RCE in the Content component. The recommended remediation is to upgrade to OFBiz 24.09.06 or later....

6.5CVSS5.7AI score0.00541EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/05/19 9:18 a.m.11 views

CVE-2026-29207

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with...

5.7AI score0.00541EPSS
Exploits0References2
euvd
euvd
added 2026/05/19 9:18 a.m.11 views

EUVD-2026-30855

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with...

6.5CVSS5.7AI score0.00541EPSS
Exploits0References1
Rows per page
Query Builder