Researchers uncovered a critical authentication bypass zero-day flaw tracked as CVE-2023-51467, with a CVSS score of 9.8 affecting Apache OFBiz’s open-source enterprise resource planning (ERP) system. The vulnerability allows attackers to bypass simple Server-Side Request Forgery (SSRF) authentication. The pre-authenticated RCE vulnerability tracked as CVE-2023-49070 leads to the zero-day SSRF vulnerability CVE-2023-51467 in Apache OFBiz due
The post Critical Apache OFBiz Zero-day Flaw Exploited in the Wild appeared first on Cyber Security News. Read More
Posted inResearch