Описание
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios.
Уязвимые конфигурации
Конфигурация 1Версия до 5.2.2408 (исключая)
cpe:2.3:a:optimizely:configured_commerce:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00135
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 4.6
github
около 1 года назад
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios.
EPSS
Процентиль: 34%
0.00135
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-79
CWE-79