
We found results for “”
CVE-2025-30676
Good to know:

Date: April 1, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.19. Users are recommended to upgrade to version 18.12.19, which fixes the issue.
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version https://github.com/apache/ofbiz-framework.git - release18.12.19
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |