Severity:
Important
Vendor:
The Apache Software Foundation
Versions Affected:
OFBiz 16.11.01 to 16.11.03
Description:
The BIRT plugin in Apache OFBiz does not escape user input property passed.
This allows for code injection by passing that code through the URL. For
example by appending this cod
Severity:
Important
Vendor:
The Apache Software Foundation
Versions Affected:
OFBiz 16.11.01 to 16.11.03
Description:
The BIRT plugin in Apache OFBiz does not escape user input property passed.
This allows for code injection by passing that code through the URL. For
example by appending this cod