Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
28 December 2023
The flaw, tracked as CVE-2023-51467, is a result of an incomplete patch for another critical vulnerability (CVE-2023-49070) and allows attackers to achieve a simple Server-Side Request Forgery (SSRF) to access unauthorized internal resources.