Apache OFBiz, originally named Open for Business, is a Java-based ERP web application and development framework that provides modules for managing business processes such as accounting, HR, supply chain management, product catalog management, customer relationship management (CRM), manufacturing, e-commerce and more. The framework underpinning it can also be used to build additional custom applications and features.
The software is used globally and across many industries, but it's unclear how many organizations have Apache OFBiz, since many use it internally. Based on public data, its users include large companies such as IBM, HP, Accenture, United Airlines, Home Depot, and Upwork. Some third-party commercial applications like Atlassian JIRA also use OFBiz modules.
Fragmenting the controller-view map state
The root cause of CVE-2024-45195 and the previous three related flaws is incorrect or insufficient authorization checks for authenticated view maps, because the state between the called controller and the accessed view map is corrupted.