CVE-2024-23946

CVE-2024-23946: Apache OFBiz: Path traversal or file inclusion

Vendor Apache Software Foundation
Product Apache OFBiz
Weakness CWE-22 · Path traversal
Published February 28, 2024
Last update February 13, 2025
View on NVD All CVEs

CVSS base score

What the vulnerability does

Description

Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue.

Key dates

Disclosure timeline

February 28, 2024 CVE published
February 13, 2025 Record updated