Severity: moderate
Affected versions:
- Apache OFBiz before 24.09.06
Description:
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: before 24.09.06.
Users are recommended to upgrade to version 24.09.06, which fixes the issue.
Credit:
Lidor B / thisis0xczar of Novee Security (reporter)
Venkatraman Kumar, Securin (reporter)
References:
https://ofbiz.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-29220
