How severe is CVE-2025-22384?

CVE-2025-22384 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-22384

Name: configured_commerce
Author: optimizely

7.5HIGH

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to

Publicado: 1/4/2025Atualizado: 5/20/2025

Descrição

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.

Análise IADesenvolvido por IA

Produtos Afetados

optimizelyconfigured_commerce

Referências

https://support.optimizely.com/hc/en-us/articles/32694560473741-Configured-Commerce-Security-Advisory-COM-2024-02
Vendor Advisory