CVE-2025-22387 | Optimizely Configured Commerce up to 5.2.2407 URL Parameter get request method with sensitive query strings

Inserito da Angelo Barbosa | Gen 4, 2025 | CVE

A vulnerability was found in Optimizely Configured Commerce up to 5.2.2407. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component URL Parameter Handler. The manipulation leads to use of get request method with sensitive query strings.

This vulnerability is known as CVE-2025-22387. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-22387 | Optimizely Configured Commerce up to 5.2.2407 URL Parameter get request method with sensitive query strings

Post correlati

CVE-2023-41927 | Kiloview P1/P2 up to 4.8.2605 risky encryption (NCSC-2024-0273)

CVE-2024-9050 | Red Hat Enterprise Linux 7/8/9 libreswan Client Plugin for NetworkManager Local Privilege Escalation

CVE-2024-38891 | Horizon Business Services Caterease up to 24.0.1.2405 cleartext transmission

CVE-2023-52196 | Phil Ewels CPT Bootstrap Carousel Plugin up to 1.12 on WordPress cross site scripting