Critical Apache OFBiz Zero-day Flaw Exploited in the Wild

Researchers uncovered a critical authentication bypass zero-day flaw tracked as CVE-2023-51467, with a CVSS score of 9.8 affecting Apache OFBiz’s open-source enterprise resource planning (ERP) system. The vulnerability allows attackers to bypass simple Server-Side Request Forgery (SSRF) authentication. The pre-authenticated RCE vulnerability tracked as CVE-2023-49070 leads to the zero-day SSRF vulnerability CVE-2023-51467 in Apache OFBiz due […]


The post Critical Apache OFBiz Zero-day Flaw Exploited in the Wild appeared first on Cyber Security News.


http://dlvr.it/T1BLy0

• Tweet
• Share
• Share
• Share
• Share

Related Post