oss-sec mailing list archives
[CVE-2020-13923] IDOR in Apache OFBiz
From: Jacques Le Roux <jacques.le.roux () les7arts com>
Date: Wed, 15 Jul 2020 14:52:06 +0200
Severity: Important Vendor: The Apache Software Foundation Versions Affected: All versions < 17.12.04 Description: IDOR vulnerability in the order processing feature from ecommerce component. Mitigation: Upgrade to 17.12.04 or manually apply the commit at OFBIZ-11836 ---- Credit: Harshit Shukla <harshit.shukz () gmail com> References: https://ofbiz.apache.org/security.html
Current thread:
- [CVE-2020-13923] IDOR in Apache OFBiz Jacques Le Roux (Jul 15)