CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-22384

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 7.5

References

https://support.optimizely.com/hc/en-us/articles/32694560473741-Configured-Commerce-Security-Advisory-COM-2024-02

Products affected by CVE-2025-22384

Optimizely » Configured Commerce » Version: Any

cpe:2.3:a:optimizely:configured_commerce:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-22384

Products

Pricing

Contact Us