Le 05/07/2020 à 16:50, Jacques Le Roux a écrit :
Hi,
While working on OFBIZ-11840 I thought about the solution I used for
"[CVE-2020-1943] Apache OFBiz XSS Vulnerability"
So I tried that:
diff --git framework/common/webcommon/WEB-INF/common-controller.xml
Severity:
Important
Vendor:
The Apache Software Foundation
Versions Affected:
OFBiz 17.12.03
Description:
Apache OFBiz XML-RPC request are vulnerable to unsafe deserialization and
Cross-Site Scripting issues.
Mitigation:
Upgrade to 17.12.04 or manually apply the commit at OFBIZ-11716
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
All versions < 17.12.04
Description:
IDOR vulnerability in the order processing feature from ecommerce component.
Mitigation:
Upgrade to 17.12.04 or manually apply the commit at OFBIZ-11836
Credit:
Harshit
The Apache OFBiz community is pleased to announce the new release "Apache
OFBiz 17.12.04".
Apache OFBiz® is an open source product for the automation of enterprise
processes that includes framework components and business applications.
http://ofbiz.apache.org/
"Apache OFBiz 17.12.04" is the
After thought: why not expose the next API too?
Jacques
Le 15/07/2020 à 10:19, Olivier Heintz a écrit :
+1 to the 2nd option
Le 15/07/2020 à 09:58, Devanshu Vyas a écrit :
+1 to the 2nd option.
Thanks & Regards,
Devanshu Vyas.
On Wed, Jul 15, 2020 at 10:56 AM Pritam Kute
wrote:
I am
My point of view about my question ;-)
On a Documentation, point of view, I prefer the solution 2, (with a clear flag
to say it's a with the plugin )
On a technical point of view to have minimum dependency between framework and
plugins, solution 3 is the better one
Le 15/07/2020 à 10:53,
Hi Community,
I start migrate plugins docbook for ofbiz-plugins and I have a question about
How to manage plugins documentation, in the structure of user-documentation and
developper-manual ?
I see 3 possible solutions
1) Current solution: one document per plugin, and link to its in the correct
+1 to the 2nd option
Le 15/07/2020 à 09:58, Devanshu Vyas a écrit :
> +1 to the 2nd option.
>
> Thanks & Regards,
> Devanshu Vyas.
>
>
> On Wed, Jul 15, 2020 at 10:56 AM Pritam Kute
> wrote:
>
>> I am also inclined to 2nd option.
>>
>> Thanks, Pawan for pointing this.
>>
>> Kind Regards,
>>
+1 to the 2nd option.
Thanks & Regards,
Devanshu Vyas.
On Wed, Jul 15, 2020 at 10:56 AM Pritam Kute
wrote:
> I am also inclined to 2nd option.
>
> Thanks, Pawan for pointing this.
>
> Kind Regards,
> --
> Pritam Kute
>
>
> On Wed, Jul 15, 2020 at 1:24 AM Jacques Le Roux <
>
