Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.19. Users are recommended to upgrade to version 18.12.19, which fixes the issue.
https://ofbiz.apache.org/security.html
https://ofbiz.apache.org/download.html
https://lists.apache.org/thread/8d718qt8dqthnw1gmyxsq8glfdjklnjf