Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-31380— Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass

AI Predicted 7.5 Difficulty: Easy

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-31380

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
表达式语言语句中使用的特殊元素转义处理不恰当(表达式语言注入)
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Apache Software FoundationApache OFBiz 0 ~ 24.09.06 -

II. Public POCs for CVE-2026-31380

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-31380

登录查看更多情报信息。

Same Patch Batch · Apache Software Foundation · 2026-05-19 · 18 CVEs total

CVE-2026-31909Apache OFBiz: Unauthenticated Shipment Label Image Disclosure
CVE-2026-29220Apache OFBiz: Low-Privilege LFI in Content Component
CVE-2026-29207Apache OFBiz: Low-Privilege SSTI Leading to RCE in the Content Component
CVE-2026-29226Apache OFBiz: Low-Privilege SSRF in Content Component
CVE-2026-31378Apache OFBiz: JSON Attribute Override and URL Allowlist Bypass Leads to Remote Code Execut
CVE-2026-31379Apache OFBiz: Path Traversal and File Upload Validation Bypass Leading to Arbitrary File W
CVE-2026-31387Apache OFBiz: Cookie Manipulation Allows Authenticated JWT Forgery and Account Impersonati
CVE-2026-31388Apache OFBiz: Cross-Tenant Data Exposure via Program Export Feature
CVE-2026-31906Apache OFBiz: Reflected XSS via Improper HTML Attribute Escaping in Layered-Modal Dialog P
CVE-2026-47323Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering
CVE-2026-31910Apache OFBiz: Improper Input Validation in UI Factory Classes Leads to SSRF and Blind File
CVE-2026-31986Apache OFBiz: Unauthenticated RCE via Default JWT Signing Key and Widget Template Injectio
CVE-2026-35086Apache OFBiz: Authenticated Remote Code Execution via Unsafe Template Expansion in email s
CVE-2026-41919Apache OFBiz: Authentication Bypass due to Improper Neutralization of LDAP Special Element
CVE-2026-45187Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users
CVE-2026-45434Apache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE
CVE-2026-46586Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy

IV. Related Vulnerabilities

Same product: Apache OFBiz
Same vendor: Apache Software Foundation
Same weakness: CWE-917

V. Comments for CVE-2026-31380

No comments yet

Leave a comment