CVE-2019-0235
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-0235
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-0235.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-0235
- Published
- 2020-04-30T20:15:12.293Z
- Modified
- 2025-11-14T09:01:45.665847Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks.
- References
-
- https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r392206f7cd131f0fc3f7c60a767ced93ced00411d55c1777c219c956%40%3Cnotifications.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r9eeb6c41d2c562b451f1e48ec56881f59107cc4dea7c883db2c5373d%40%3Cnotifications.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/rb53870d24088956a555683aa1aea7e532e3be65b863b9c75eac31b90%40%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/rbd572bb27991835a3455c1bf694e7140d79ab03cdb9e6e50fd1219d7%40%3Cnotifications.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/rfe36dc9135810954ef667d29129d02207fb999a286b60d33bd9c2349%40%3Cnotifications.ofbiz.apache.org%3E
- http://packetstormsecurity.com/files/157514/Apache-OFBiz-17.12.03-Cross-Site-Request-Forgery.html
- https://s.apache.org/n4vnt