2 matches found
CVE-2018-17200
creationtimestamp| type| source ---|---|--- 2019-09-12 00:31:34+00:00| seen| https://t.me/cibsecurity/6688...
CVE-2018-17200
The CVE-2018-17200 entry concerns the Apache OFBiz HTTP engine (HttpEngine.java) handling HTTP service requests via /webtools/control/httpService. The vulnerability arises from deserializing the serviceContent parameter with XStream; although the XStream instance is guarded by disabling ProcessBu...