Apache fixes critical OFBiz remote code execution vulnerability
(www.bleepingcomputer.com)
from IllNess@infosec.pub to securitynews@infosec.pub on 06 Sep 02:33
https://infosec.pub/post/17167690
from IllNess@infosec.pub to securitynews@infosec.pub on 06 Sep 02:33
https://infosec.pub/post/17167690
Tracked as CVE-2024-45195 and discovered by Rapid7 security researchers, this remote code execution flaw is caused by a forced browsing weakness that exposes restricted paths to unauthenticated direct request attacks.
#securitynews
threaded - newest