CVE-2020-9496

Medium

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03

apache·CWE-79·Published 2020-07-15

CVSS

6.1

EPSS

0.99

KEV

Exploits

cve.orgen

113 chars

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03

NVDen

113 chars

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03

NVDes

133 chars

La petición de XML-RPC es vulnerable a problemas de deserialización no segura y Cross-Site Scripting en Apache OFBiz versión 17.12.03

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N