CVE-2025-22387 |
Description: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where the session token is submitted as a URL parameter. This exposes information about the authenticated session, which can be leveraged for session hijacking.
EPSS Score: 0.04%
January 5th, 2025 (6 months ago)
|
CVE-2025-22386 |
Description: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable.
EPSS Score: 0.04%
January 5th, 2025 (6 months ago)
|
CVE-2025-22385 |
Description: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-requested storefront accounts can be created on behalf of visitors.
EPSS Score: 0.04%
January 5th, 2025 (6 months ago)
|
CVE-2025-22384 |
Description: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.
EPSS Score: 0.04%
January 5th, 2025 (6 months ago)
|
CVE-2025-22383 |
Description: An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios.
EPSS Score: 0.04%
January 5th, 2025 (6 months ago)
|
Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
January 4th, 2025 (6 months ago)
|
Description: A new vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. [...]
January 4th, 2025 (6 months ago)
|
Description: Alleged Sale of Malware Toolkit (LNK + Fileless RAT/Loader)
January 4th, 2025 (6 months ago)
|
Description: Alleged Sale of the Phrasix Tool
January 4th, 2025 (6 months ago)
|
Description: Alleged Database Leak of Assetto Corsa Mods
January 4th, 2025 (6 months ago)
|