Vulnerabilities > CVE-2019-12426 - Unspecified vulnerability in Apache Ofbiz
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
References
- https://s.apache.org/w0dem
- https://lists.apache.org/thread.html/r40a3c0930f7945e97e30c25422f52dbe476d5584346c3de5c556c272%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/rf8651e75162819a267384f8a31c20884bc3a9a6707afbf75200cd98d%40%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc%40%3Ccommits.ofbiz.apache.org%3E