Apache OFBiz uses the Birt project plugin (eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a remote code execution (RCE) attack in Apache OFBiz, release 18.12.05 and previous versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache ofbiz |