You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Jacopo Cappellato <ja...@apache.org> on 2012/04/15 15:34:02 UTC
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability
CVE-2012-1622: Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors
Severity: Critical
Vendor:
The Apache Software Foundation - Apache OFBiz
======Versions Affected======
Apache OFBiz 10.04 (also known as 10.04.01)
======Description======
Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors
====== Mitigation======
10.04 users should upgrade to 10.04.02
======Credit======
This issue was discovered by Jacopo Cappellato, Apache OFBiz project