How severe is CVE-2025-22384?

CVE-2025-22384 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-22384

Name: configured_commerce
Author: optimizely

7.5HIGH

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to

公開日: 1/4/2025更新日: 5/20/2025

説明

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.

AI分析AIによる分析

影響を受ける製品

optimizelyconfigured_commerce

参照

https://support.optimizely.com/hc/en-us/articles/32694560473741-Configured-Commerce-Security-Advisory-COM-2024-02
Vendor Advisory