How severe is CVE-2025-22384?

CVE-2025-22384 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-22384

Name: configured_commerce
Author: optimizely

7.5HIGH

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to

Veröffentlicht: 1/4/2025Aktualisiert: 5/20/2025

Beschreibung

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.

KI-AnalyseKI-gestützt

Betroffene Produkte

optimizelyconfigured_commerce

Referenzen

https://support.optimizely.com/hc/en-us/articles/32694560473741-Configured-Commerce-Security-Advisory-COM-2024-02
Vendor Advisory