Apache OFBiz SSRF (CVE-2024-45507)
Description
OFBiz allows an unauthenticated attacker to send arbitrary requests to perform lookups on the internal network, which is otherwise inaccessible externally. This feature can be exploited to perform SSRF (Server-Side Request Forgery) attacks, potentially leading to Remote Code Execution (RCE) on the server
Remediation
Upgrade to the latest version of OFBiz