Main
Vulnerability Database
Exploits
ID:8258 - Exploit for Cross-site scripting in OFBiz - CVE-2020-9496
ID:8258 - Exploit for Cross-site scripting in OFBiz - CVE-2020-9496
Published: August 16, 2022
Vulnerability identifier: #VU34153
Vulnerability risk: Low
CVE-ID: CVE-2020-9496
CWE-ID: CWE-79
Exploitation vector: Remote access
Vulnerable software:
OFBiz
OFBiz
Link to public exploit:
Vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
Remediation
Install update from vendor's website.