CVE-2019-12426
published 2020-02-06CVE-2019-12426: an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | apache_ofbiz | — | — |
| apache | ofbiz | — | — |
| apache | ofbiz | 16.11.01 – 16.11.06 | — |