You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by Jacques Le Roux <jl...@apache.org> on 2023/04/10 09:21:12 UTC

CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability

Severity: important

Description:

Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz.This issue affects Apache OFBiz: before 18.12.07.

Required Configurations:

Using the Solr plugin

Solution:

Upgrade to release 18.12.07

Credit:

Skay <lh...@gmail.com> (finder)

References:

https://lists.apache.org/list.html?announce@apache.org
https://ofbiz.apache.org/download.html
https://ofbiz.apache.org/security.html
https://ofbiz.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-47501