broadleafcommerce broadleaf_commerce CVE Vulnerabilities (2)

CVEs: 2 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting broadleafcommerce broadleaf_commerce (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-33725 Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA. [email protected] 6.1 0.17% 2023-06-21 2024-12-06
CVE-2020-21266 Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability. [email protected] 6.1 0.42% 2020-10-29 2024-11-21
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence