List:       oss-security
Subject:    [oss-security] [CVE-2020-13923] IDOR in Apache OFBiz
From:       Jacques Le Roux <jacques.le.roux () les7arts ! com>
Date:       2020-07-15 12:52:06
Message-ID: 80419b02-d26e-ed33-dc58-afecf4442ffb () les7arts ! com

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
All versions < 17.12.04

Description:
IDOR vulnerability in the order processing feature from ecommerce component.

Mitigation:
Upgrade to 17.12.04 or manually apply the commit at OFBIZ-11836
----

Credit:
Harshit Shukla <harshit.shukz@gmail.com>

References:
https://ofbiz.apache.org/security.html
