Severity:
Minor
Vendor:
The Apache Software Foundation
Versions Affected:
Apache OFBiz 161101 to 161106
Description:
an unauthenticated user could get access to information of some backend
screens by invoking setSessionLocale
Mitigation:
Upgrade to 161107
Credit:
This issue was discovered by Dennis Balkir <dennisbalkir () ecomify ...