CVE-2024-23946
published 2024-02-29CVE-2024-23946: Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue.
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
Possible path traversal in Apache OFBiz allowing file inclusion.
Users are recommended to upgrade to version 18.12.12, that fixes the issue.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ofbiz | < 18.12.12 | 18.12.12 |
| apache | ofbiz | — | — |
| apache_software_foundation | apache_ofbiz | < 18.12.12 | 18.12.12 |