Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.
Apache
Information Disclosure
Ofbiz
NVD
CVSS 2.0
10.0
EPSS
5.9%