Optimizely Configured Commerce — known CVE vulnerabilities
Every CVE whose affected-product data names Optimizely Configured Commerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-56174 — CVSS 8.1 (high): In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under…
CVE-2025-22387 — CVSS 7.5 (high): An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where…
CVE-2025-22384 — CVSS 7.5 (high): An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the…
CVE-2025-22386 — CVSS 7.3 (high): An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B…
CVE-2024-56175 — CVSS 6.1 (medium): In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under…
CVE-2025-22385 — CVSS 5.9 (medium): An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does…
CVE-2024-56173 — CVSS 4.7 (medium): In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under…
CVE-2025-22383 — CVSS 4.6 (medium): An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce…