Optimizely Configured Commerce Session Token Vulnerability in B2B Application
Vulnerability
A medium-severity vulnerability has been identified in Optimizely Configured Commerce versions prior to 5.2.2408. This issue affects the B2B application and relates to session management in the storefront. The vulnerability allows session tokens from logged-out sessions to remain active and usable, potentially leading to unauthorized access.
Impact
Exploitation of this vulnerability could result in unauthorized use of session tokens, allowing access to resources or functionalities tied to those sessions.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
