Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: OFBiz 17.12.01

Description: Apache OFBiz is vulnerable to CSRF attacks

Mitigation: Upgrade to 17.12.03 or manually apply the commits at OFBIZ-11470

----

Credit: Initially known by the OFBiz security team (OFBIZ-10427), also reported later by
Man Yue Mo via RT
Shuibo Ye
Vikash Patnaik
Sonali Agrahari
Girish Vasmatkar
Dinesh Kumar Mohanty
Jason Nordenstam
Pradeep Jairamani
Faiz Zaidi

References: https://ofbiz.apache.org/security.html
