N/A

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable.

N/A

不充分的会话过期机制

Optimizely Configured Commerce 安全漏洞

Optimizely Configured Commerce是Optimizely公司的一个组合型商务平台。 Optimizely Configured Commerce 5.2.2408之前版本存在安全漏洞，该漏洞源于允许与已注销会话绑定的会话令牌仍然处于活动状态且可用。

N/A

N/A