Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OptimizelyConfigured Commerce

3 matches found

CVE
CVEadded 2025/01/04 2:15 a.m.66 views

CVE-2025-22386

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable.

7.3CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2025/01/04 2:15 a.m.59 views

CVE-2025-22387

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where the session token is submitted as a URL parameter. This exposes information about the authenticated session, which can be leveraged for session hijacking.

7.5CVSS6.1AI score0.00071EPSS
CVE
CVEadded 2025/01/04 2:15 a.m.58 views

CVE-2025-22384

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching th...

7.5CVSS6.5AI score0.00085EPSS