The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/08/cisa-flags-critical-apache-ofbiz-flaw.html