CVE-2026-31380
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
May 19, 2026
Vendor
unknown
Description
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.