Hello.
I would like to start implementing a plugin to detect CVE-2024-38856. This vulnerability should be relatively new and has been patched.
The vulnerability has been assigned the CVE ID CVE-2024-38856.
Apache OFBiz is an open source enterprise resource planning (ERP) system. It provides a suite of enterprise applications that integrate and automate many of the business processes of an enterprise.
This vulnerability is caused by an unauthenticated endpoint allowing the execution of screen rendering code, which leads to RCE (Remote Code Execution).
Users are recommended to upgrade to version 18.12.15, which fixes this issue.
The vulnerability can be exploited remotely without authentication and user interaction.
Please let me know if this is in scope to start with its development.