CVE-2024-48962 – Apache OFBiz Code Injection and CSRF Vulnerability

CVE ID : CVE-2024-48962

Published : Nov. 18, 2024, 9:15 a.m. | 1 hour, 1 minute ago

Description : Improper Control of Generation of Code (‘Code Injection’), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz.

This issue affects Apache OFBiz: before 18.12.17.

Users are recommended to upgrade to version 18.12.17, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-48962 – Apache OFBiz Code Injection and CSRF Vulnerability