Main
Vulnerability Database
Exploits
ID:9152 - Exploit for Cross-site scripting in OFBiz - CVE-2020-9496
ID:9152 - Exploit for Cross-site scripting in OFBiz - CVE-2020-9496
Published: June 27, 2023
Vulnerability identifier: #VU34153
Vulnerability risk: Low
CVE-ID: CVE-2020-9496
CWE-ID: CWE-79
Exploitation vector: Remote access
Vulnerable software:
OFBiz
OFBiz
Link to public exploit:
Vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
Remediation
Install update from vendor's website.