Описание
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01
Ссылки
- Third Party AdvisoryURL Repurposed
- Third Party AdvisoryURL Repurposed
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:ofbiz:11.04:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.01:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.02:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.03:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.04:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.05:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:11.04.06:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.01:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.02:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.03:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.04:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.05:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:12.04.06:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:13.07:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:13.07.01:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:13.07.02:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:13.07.03:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01029
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01
EPSS
Процентиль: 77%
0.01029
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-20