4 matches found
CVE-2024-38856
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met...
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning ERP system to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...
Exploit for Incorrect Authorization in Apache Ofbiz
CVE-2024-38856-ApacheOfBiz Apache OFBiz is an open source...
CVE-2024-38856 Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met...