oss-sec mailing list archives
CVE-2026-45187: Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users to Submit System Jobs
From: Jacopo Cappellato <jacopoc () apache org>
Date: Tue, 19 May 2026 08:35:49 +0000
Severity: moderate Affected versions: - Apache OFBiz before 24.09.06 Description: Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Credit: Qiulin Deng (reporter) References: https://ofbiz.apache.org/ https://www.cve.org/CVERecord?id=CVE-2026-45187
Current thread:
- CVE-2026-45187: Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users to Submit System Jobs Jacopo Cappellato (May 19)
