The Apache OFBiz community is pleased to announce the new release "Apache
OFBiz 18.12.12".
Apache OFBiz® is an open source product for the automation of enterprise
processes that includes framework components and business applications.
http://ofbiz.apache.org/
"Apache OFBiz 18.12.12" is the
Severity: critical
Affected versions:
- Apache OFBiz before 18.12.12
Description:
Possible path traversal in Apache OFBiz allowing file inclusion.
Users are recommended to upgrade to version 18.12.12, that fixes the issue.
Credit:
Arun Shaji from trendmicro.com (finder)
References:
Severity: critical
Affected versions:
- Apache OFBiz before 18.12.12
Description:
Possible path traversal in Apache OFBiz allowing authentication bypass.
Users are recommended to upgrade to version 18.12.12, that fixes the issue.
Credit:
YunPeng - 郭 运鹏 (finder)
References: