Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA.
History

Fri, 06 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-06-21T00:00:00

Updated: 2024-12-06T17:14:54.886Z

Reserved: 2023-05-22T00:00:00

Link: CVE-2023-33725

cve-icon Vulnrichment

Updated: 2024-08-02T15:47:06.678Z

cve-icon NVD

Status : Modified

Published: 2023-06-21T16:15:11.413

Modified: 2024-12-06T18:15:21.850

Link: CVE-2023-33725

cve-icon Redhat

No data.