InfoSec News Nuggets 8/6/2024

Apache OFBiz Users Warned of New and Exploited Vulnerabilities Organizations using Apache OFBiz are being urged to patch a critical vulnerability, following reports of increasing exploitation attempts targeting another recently discovered security hole. The new vulnerability, tracked as CVE-2024-38856, was disclosed over the weekend. According to Apache OFBiz developers, versions through 18.12.14 are impacted and 18.12.15 includes a fix. “Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such…
Read More