[CVE-2019-0235 ] Apache OFBiz multiple CSRF vulnerabilities

2020-04-30 Thread jler...@apache.org
Severity: Important Vendor: The Apache Software Foundation Versions Affected: OFBiz 17.12.01 Description: Apache OFBiz is vulnerable to CSRF attacks Mitigation: Upgrade to 17.12.03 or manually apply the commits at OFBIZ-11470 Credit: Initially known by the OFBiz security team

[CVE-2019-0235 ] Apache OFBiz multiple CSRF vulnerabilities

2020-04-30 Thread jler...@apache.org
Severity: Important Vendor: The Apache Software Foundation Versions Affected: OFBiz 17.12.01 Description: Apache OFBiz is vulnerable to CSRF attacks Mitigation: Upgrade to 17.12.03 or manually apply the commits at OFBIZ-11470 Credit: Initially known by the OFBiz security team