all InfoSec news
Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968/CVE-2023-51467) Alert
Security Boulevard securityboulevard.com
Overview Recently, NSFOCUS CERT detected that Apache officially released a security announcement and fixed two high-risk vulnerabilities in Apache Ofbiz. CVE-2023-50968: Due to problems in Apache Software Foundation, unauthorized attackers can read files and carry out SSRF attacks when operating uri calls; CVE-2023-51467: Due to a privilege verification logic error in Apache Ofbiz, an attacker […]
The post Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968/CVE-2023-51467) Alert appeared first on NSFOCUS, Inc., a global network and cyber …
alert announcement apache apache software foundation attackers attacks blog cert code code execution cve emergency-response file files foundation high nsfocus privilege problems remote code remote code execution risk security software ssrf uri verification vulnerabilities