Security Advisory

CVE-2024-48962

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-18 08:41:30

Last updated 2026-05-04 14:55:28

Assigner apache

State PUBLISHED

Description

Improper Control of Generation of Code (Code Injection), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.17. Users are recommended to upgrade to version 18.12.17, which fixes the issue.

← Browse all CVEs View on cve.org ↗