IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
References
Link | Resource |
---|---|
https://s.apache.org/chokl | Mailing List Vendor Advisory |
https://lists.apache.org/thread.html/r2e669797c1ea08562253239d2dc4192d951945e0c36cb0754f5394a6@%3Cannounce.apache.org%3E | Mailing List Vendor Advisory |
https://lists.apache.org/thread.html/rac7e36c3daa60dd4b813f72942921b4fad71da821480ebcea96ecea1@%3Cnotifications.ofbiz.apache.org%3E | Mailing List Vendor Advisory |
https://lists.apache.org/thread.html/r0a0a701610b3bcdf14634047313adab3f1628bb9aa55cf29cd262ef5@%3Ccommits.ofbiz.apache.org%3E | Mailing List Patch Vendor Advisory |
https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d@%3Ccommits.ofbiz.apache.org%3E | Mailing List Patch Vendor Advisory |
Configurations
Information
Published : 2020-07-15 09:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-13923
Mitre link : CVE-2020-13923
JSON object : View
CWE
CWE-639
Authorization Bypass Through User-Controlled Key
Products Affected
apache
- ofbiz