CVE-2024-38856

⚠ KEVEPSS 94.4%

Apache OFBiz Incorrect Authorization Vulnerability

Added to CISA KEV: 8/27/2024

Description

Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.

Affected packages (0)

No package mapping in OSV.