CVE-2024-48962 | Apache OFBiz up to 18.12.16 URL Parameter code injection

Inserito da Angelo Barbosa | Nov 16, 2024 | CVE

A vulnerability has been found in Apache OFBiz up to 18.12.16 and classified as critical. This vulnerability affects unknown code of the component URL Parameter Handler. The manipulation leads to code injection.

This vulnerability was named CVE-2024-48962. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-48962 | Apache OFBiz up to 18.12.16 URL Parameter code injection

Post correlati

CVE-2024-29082 | Vonets VGA-1000 up to 3.3.23.6.9 access control (icsa-24-214-08)

CVE-2022-48728 | Linux Kernel up to 5.10.98/5.15.21/5.16.7 hfi1_ipoib_setup_rn null pointer dereference

CVE-2024-2020 | Calculated Fields Form Professional Plugin up to 5.1.56 on WordPress cross site scripting

CVE-2024-8633 | Form Maker Plugin up to 1.15.27 on WordPress cross site scripting