THREAT OPS › CVEs › CVE-2024-38856
CVE-2024-38856 — Apache OFBiz Incorrect Authorization Vulnerability
Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.
Vulnerability details
- Affected productsOFBiz
- KEV remediation due2024-09-17