AI Score
Confidence
High
EPSS
Percentile
97.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: before 18.12.16.
Users are recommended to upgrade to version 18.12.16, which fixes the issue.
[
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_ofbiz:*:*:*:*:*:*:*:*"
],
"vendor": "apache_software_foundation",
"product": "apache_ofbiz",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "18.12.16",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]