CVE-2025-22385 – Optimizely Configured Commerce Unconfirmed Account Creation Vulnerability

1月 4, 2025
3:16 am

CVE ID : CVE-2025-22385

Published : Jan. 4, 2025, 2:15 a.m. | 1 hour, 1 minute ago

Description : An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-requested storefront accounts can be created on behalf of visitors.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-22385 – Optimizely Configured Commerce Unconfirmed Account Creation Vulnerability

Elvescore.io

Recent Posts

CVE-2025-0231 – Codezips Gym Management System SQL Injection

CVE-2025-0232 – Codezips Blood Bank Management System SQL Injection Vulnerability

CVE-2025-0230 – “Code-Projects Responsive Hotel Site SQL Injection”

CVE-2025-0229 – “Code-projects Travel Management System SQL Injection Vulnerability”

CVE-2025-0228 – Code-projects Local Storage Todo App Cross Site Scripting Vulnerability

CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure

CVE-2025-22385 – Optimizely Configured Commerce Unconfirmed Account Creation Vulnerability

CVE-2025-22385 – Optimizely Configured Commerce Unconfirmed Account Creation Vulnerability