Exploits / Vulnerability Discovered : 2020-05-01 |
Type : webapps |
Platform : java
This exploit / vulnerability Apache ofbiz 17.12.03 crosssite request forgery (account takeover) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)
# Exploit Author: Faiz Ahmed Zaidi
# Vendor Homepage: [https://ofbiz.apache.org/security.html]
# Software Link: https://ofbiz.apache.org/download.html#security
# Version: Before 17.12.03
# Tested on: Linux and Windows
# CVE : CVE-2019-0235