CVE-2023-49070

  • Apache Ofbiz xml-RPC remote code execution vulnerability (CVE-2023-49070)

    Apache OFBiz is an open source product for enterprise process automation. It includes framework components and business applications for ERP, CRM, e-commerce, supply chain management and manufacturing resource planning. There is a remote code execution vulnerability in Apache OFBiz before version 18.12.10. Because xml-RPC is no longer maintained, an authenticated attacker can use xml-RPC to conduct remote code execution exploits and control the server.

    December 7, 2023
    07.5K0