Apache Apache Ofbiz
4 CVEs affecting Apache Apache Ofbiz. Latest disclosed: 2020-04-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-0235 | | 2020-04-30 | Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks. | |
CVE-2019-12425 | | 2020-04-30 | Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host | |
CVE-2020-1943 | | 2020-04-01 | Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. | |
CVE-2019-12426 | | 2020-02-06 | an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06 |