CVE-2026-31910 | Apache OFBiz up to 24.09.05 server-side request forgery

Inserito da Angelo Barbosa | Mag 19, 2026 | CVE

A vulnerability labeled as critical has been found in Apache OFBiz up to 24.09.05. The affected element is an unknown function. Executing a manipulation can lead to server-side request forgery.

This vulnerability is tracked as CVE-2026-31910. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-31910 | Apache OFBiz up to 24.09.05 server-side request forgery

Post correlati

CVE-2025-24756 | mgplugin Roi Calculator Plugin up to 1.0 on WordPress cross-site request forgery

CVE-2026-8080 | MISP up to 2.5.36 cross site scripting

CVE-2025-13057 | Campcodes School Fees Payment Management System 1.0 ajax.php?action=save_student ID sql injection

CVE-2024-24308 | Boostmyshop Module up to 1.1.9 on PrestaShop changeOrderCarrier.php sql injection