CVE-2026-50223

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote Code Execution.

This issue affects Apache OFBiz: before 24.09.07.

Users are recommended to upgrade to version 24.09.07, which fixes the issue.

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2026-50223

Affected Products

Apache Ofbiz

CVE-2026-50223

Weakness Enumeration

Related Identifiers

Affected Products

References · 3