Apache

Ofbiz

76 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.44%
  • Veröffentlicht 19.05.2026 09:30:19
  • Zuletzt bearbeitet 19.05.2026 19:16:48

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.42%
  • Veröffentlicht 19.05.2026 09:28:29
  • Zuletzt bearbeitet 19.05.2026 19:16:47

Improper Access Control vulnerability in Apache OFBiz in multi-tenant deployments. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.52%
  • Veröffentlicht 19.05.2026 09:27:05
  • Zuletzt bearbeitet 19.05.2026 19:16:47

Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.49%
  • Veröffentlicht 19.05.2026 09:24:39
  • Zuletzt bearbeitet 19.05.2026 19:16:47

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.0...

  • EPSS 0.59%
  • Veröffentlicht 19.05.2026 09:22:49
  • Zuletzt bearbeitet 19.05.2026 19:16:47

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OF...

  • EPSS 0.57%
  • Veröffentlicht 19.05.2026 09:21:18
  • Zuletzt bearbeitet 19.05.2026 19:16:47

Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.47%
  • Veröffentlicht 19.05.2026 09:19:30
  • Zuletzt bearbeitet 19.05.2026 19:16:46

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.54%
  • Veröffentlicht 19.05.2026 09:18:18
  • Zuletzt bearbeitet 19.05.2026 19:16:46

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in...

  • EPSS 0.68%
  • Veröffentlicht 19.05.2026 09:16:59
  • Zuletzt bearbeitet 19.05.2026 19:16:46

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • EPSS 0.76%
  • Veröffentlicht 12.11.2025 09:16:58
  • Zuletzt bearbeitet 13.11.2025 15:04:42

Reflected cross-site scripting vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to version 24.09.03, which fixes the issue.