CSOonline

New critical Apache OFBiz vulnerability patched as older flaw is actively exploited

Researchers discovered a new RCE flaw while analyzing the patch for a different flaw currently targeted by attackers. As the fifth critical flaw this year for the ERP framework, users are urged to ...
Dark Reading

Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges

CISA has added a critical security flaw in the Apache OFBiz open source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog. Apache OFBiz is a system that ...
Bleeping Computer

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.