Apache · Apache Ofbiz · CVE-2026-50223
**Name of the Vulnerable Software and Affected Versions**
Apache OFBiz versions prior to 24.09.07
**Description**
Improper Control of Generation of Code allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks. This can lead to Remote Code Execution, where an attacker can execute arbitrary commands on the host system.
**Recommendations**
Upgrade to version 24.09.07.