Описание
an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-12426
- https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc@%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r40a3c0930f7945e97e30c25422f52dbe476d5584346c3de5c556c272@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/rf8651e75162819a267384f8a31c20884bc3a9a6707afbf75200cd98d@%3Ccommits.ofbiz.apache.org%3E
- https://s.apache.org/w0dem
EPSS
Процентиль: 86%
0.0302
Низкий
CVE ID
Связанные уязвимости
CVSS3: 5.3
nvd
около 6 лет назад
an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
EPSS
Процентиль: 86%
0.0302
Низкий