impleCode eCommerce Product Catalog Object Injection Vulnerability

Vulnerability

A vulnerability allowing object injection through deserialization of untrusted data has been identified in the impleCode eCommerce Product Catalog plugin, affecting versions up to 3.4.3. This vulnerability could be exploited to inject objects into the application, potentially leading to further attacks.

Impact

Exploitation of this vulnerability could allow for object injection, which may be used to manipulate application behavior or execute arbitrary code, depending on the context.

Added: Jun 17, 2025, 4:12 PM

Updated: Jun 17, 2025, 4:12 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

impleCode eCommerce Product Catalog Object Injection Vulnerability

Vulnerability

Impact

Affected Products

impleCode eCommerce Product Catalog

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating