Severity: Important Vendor: The Apache Software Foundation
Versions Affected: OFBiz 17.12.03 Description: Apache OFBiz XML-RPC request areĀ vulnerable to unsafe deserialization and Cross-Site Scripting issues. Mitigation: Upgrade to 17.12.04 or manually apply the commit at OFBIZ-11716 ---- Credit: Alvaro Munoz fromĀ GitHub Security Lab team <[email protected]> References: https://ofbiz.apache.org/security.html
