QwikSec

Security Database

CVE

CWE

Training

CVE-2019-0235

Published: Apr 30, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks.

Vendor	Product	Versions
Apache	Apache OFBiz	affected `17.12.01`

References

https://s.apache.org/n4vnt

x_refsource_CONFIRM

http://packetstormsecurity.com/files/157514/Apache-OFBiz-17.12.03-Cross-Site-Request-Forgery.html

x_refsource_MISC

[ofbiz-notifications] 20200705 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20200706 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20200707 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235)

mailing-list

x_refsource_MLIST

[ofbiz-notifications] 20200708 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235)

mailing-list

x_refsource_MLIST

[ofbiz-commits] 20200708 [ofbiz-framework] 01/02: Documented: POC for CSRF Token (CVE-2019-0235) (OFBIZ-11306)

mailing-list

x_refsource_MLIST

[announce] 20210125 Apache Software Foundation Security Report: 2020

mailing-list

x_refsource_MLIST

[announce] 20210223 Re: Apache Software Foundation Security Report: 2020

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.