Broadleafcommerce Broadleaf Commerce — known CVE vulnerabilities
Every CVE whose affected-product data names Broadleafcommerce Broadleaf Commerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-21266 — CVSS 6.1 (medium): Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability.
CVE-2023-33725 — CVSS 6.1 (medium): Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a…