Severity: moderate
Affected versions:
- Apache OFBiz before 18.12.10
Description:
Pre-auth RCE in Apache Ofbiz 18.12.09.
It's due to XML-RPC no longer maintained still present.
This issue affects Apache OFBiz: before 18.12.10.
Users are recommended to upgrade to version 18.12.10
This issue
The Apache OFBiz community is pleased to announce the new release "Apache
OFBiz 18.12.10".
Apache OFBiz® is an open source product for the automation of enterprise
processes that includes framework components and business applications.
http://ofbiz.apache.org/
"Apache OFBiz 18.12.10" is the