mirror of
https://github.com/gobysec/GobyVuls.git
synced 2025-05-07 11:07:07 +00:00
468 B
468 B
CVE-2021-30128 Apache OFBiz RCE
Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.
Affected version: Apache OFBiz 17.12.06
FOFA query rule: header="Set-Cookie: OFBiz.Visitor"
Demo
