Severity: important Affected versions:
- Apache OFBiz before 18.12.13 Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue. Credit: Qiyi Zhang (RacerZ) @secsys from Fudan (finder) References: https://ofbiz.apache.org/download.html https://ofbiz.apache.org/security.html https://issues.apache.org/jira/browse/OFBIZ-13006 https://lists.apache.org/thread/np8vgzr06z6cwm3tz7cs3609bdrj8526 https://ofbiz.apache.org/ https://www.cve.org/CVERecord?id=CVE-2024-32113