CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25065 – Apache OFBiz: Path traversal allowing authentication bypass.
https://notcve.org/view.php?id=CVE-2024-25065
Possible path traversal in Apache OFBiz allowing authentication bypass. Users are recommended to upgrade to version 18.12.12, that fixes the issue. Posible path traversal en Apache OFBiz que permite omitir la autenticación. Se recomienda a los usuarios actualizar a la versión 18.12.12, que soluciona el problema. • http://www.openwall.com/lists/oss-security/2024/02/28/10 https://issues.apache.org/jira/browse/OFBIZ-12887 https://lists.apache.org/thread/rplfjp7ppn9ro49oo7jsrpj99m113lfc https://ofbiz.apache.org/download.html https://ofbiz.apache.org/release-notes-18.12.12.html https://ofbiz.apache.org/security.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •