Severity: moderate Affected versions:
- Apache OFBiz before 18.12.19 Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.19. Users are recommended to upgrade to version 18.12.19, which fixes the issue. Credit: Khaled Nassar (@mindpatch) (finder) References: https://ofbiz.apache.org/download.html https://ofbiz.apache.org/security.html https://issues.apache.org/jira/browse/OFBIZ-13219 https://ofbiz.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-30676
