CVE-2022-47501

CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability

Vendor Apache Software Foundation
Product Apache OFBiz
Weakness CWE-22 · Path traversal
Published April 14, 2023
Last update February 13, 2025

CVSS base score

What the vulnerability does

Description

Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a  pre-authentication attack. This issue affects Apache OFBiz: before 18.12.07.

Key dates

Disclosure timeline

April 14, 2023 CVE published
February 13, 2025 Record updated