Lucene search
K

117 matches found

Vulnrichment
Vulnrichment
added 2025/01/04 12:0 a.m.6 views

CVE-2025-22386

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable...

6.8AI score0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/04 12:0 a.m.29 views

CVE-2025-22384

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching...

0.004EPSS
Exploits0References1
NVD
NVD
added 2024/12/18 6:15 a.m.14 views

CVE-2024-56175

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in list item names...

6.1CVSS0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 6:15 a.m.2 views

CVE-2024-56175

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in list item names...

6.1CVSS5.8AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 6:15 a.m.5 views

CVE-2024-56174

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in search history...

8.1CVSS5.8AI score0.00365EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 6:15 a.m.1 views

CVE-2024-56173

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document...

4.7CVSS5.8AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2024/12/18 6:15 a.m.14 views

CVE-2024-56173

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document...

4.7CVSS0.00268EPSS
Exploits0References1
NVD
NVD
added 2024/12/18 6:15 a.m.24 views

CVE-2024-56174

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in search history...

8.1CVSS0.00365EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/18 12:0 a.m.8 views

CVE-2024-56174

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in search history...

6.2AI score0.00365EPSS
Exploits0References1
CVE
CVE
added 2024/12/18 12:0 a.m.57 views

CVE-2024-56175

CVE-2024-56175 affects Optimizely Configured Commerce prior to 5.2.2408. The vulnerability arises from a client-side template injection in list item names, enabling stored XSS where malicious payloads can be stored and later executed in users’ browsers under specific conditions. Affected versions...

6.1CVSS6.2AI score0.00228EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.4 views

PT-2024-36731 · Optimizely · Optimizely Configured Commerce

Name of the Vulnerable Software and Affected Versions: Optimizely Configured Commerce versions prior to 5.2.2408 Description: The issue allows malicious payloads to be stored and subsequently executed in users' browsers under specific conditions. This is due to a client-side template injection in...

8.1CVSS6.2AI score0.00365EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/12/18 12:0 a.m.13 views

CVE-2024-56173

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document...

0.00268EPSS
Exploits0References1
CVE
CVE
added 2024/12/18 12:0 a.m.57 views

CVE-2024-56173

Optimizely Configured Commerce (before 5.2.2408) is affected by a stored XSS vulnerability: malicious payloads can be stored and later executed in users’ browsers via JavaScript in an SVG document under certain conditions. Root cause: XSS in SVG handling. Impact is browser-side compromise of affe...

4.7CVSS5.9AI score0.00268EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/18 12:0 a.m.11 views

CVE-2024-56173

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document...

5.9AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.6 views

PT-2024-36730 · Optimizely · Optimizely Configured Commerce

Name of the Vulnerable Software and Affected Versions: Optimizely Configured Commerce versions prior to 5.2.2408 Description: The issue allows malicious payloads to be stored and subsequently executed in users' browsers under specific conditions. This is a result of XSS from JavaScript in an SVG...

4.7CVSS5.3AI score0.00268EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.4 views

PT-2024-36732 · Optimizely · Optimizely Configured Commerce

Name of the Vulnerable Software and Affected Versions: Optimizely Configured Commerce versions prior to 5.2.2408 Description: The issue allows malicious payloads to be stored and executed in users' browsers under specific conditions due to a client-side template injection in list item names,...

6.1CVSS6.1AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.4 views

Optimizely Configured Commerce 安全漏洞

Optimizely Configured Commerce is a combined commerce platform from Optimizely, Inc. A security vulnerability exists in Optimizely Configured Commerce prior to version 5.2.2408, which stems from the inclusion of a stored cross-site scripting vulnerability...

8.1CVSS5.9AI score0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.2 views

Optimizely Configured Commerce 安全漏洞

Optimizely Configured Commerce is a combined commerce platform from Optimizely, Inc. A security vulnerability exists in Optimizely Configured Commerce prior to version 5.2.2408, which stems from the inclusion of a stored cross-site scripting vulnerability...

4.7CVSS5.9AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/18 12:0 a.m.14 views

CVE-2024-56174

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in search history...

0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.5 views

Optimizely Configured Commerce 安全漏洞

Optimizely Configured Commerce is a combined commerce platform from Optimizely, Inc. A security vulnerability exists in Optimizely Configured Commerce prior to version 5.2.2408, which stems from the inclusion of a stored cross-site scripting vulnerability...

6.1CVSS5.9AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder