VYPR
Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Aug 4, 2024

CVE-2019-10073

CVE-2019-10073

Description

The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616

Affected products

2
  • Apache/Ofbizllm-fuzzy2 versions
    <16.11.06+ 1 more
    • (no CPE)range: <16.11.06
    • (no CPE)range: OFBiz 16.11.01 to 16.11.05

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.