Severity: important Affected versions:
- Apache OFBiz before 18.12.16 Description: Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. Credit: 孙相 (Sun Xiang) (finder) References: https://ofbiz.apache.org/download.html https://ofbiz.apache.org/security.html https://issues.apache.org/jira/browse/OFBIZ-13132 https://ofbiz.apache.org/ https://www.cve.org/CVERecord?id=CVE-2024-45507