Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where the session token is submitted as a URL parameter. This exposes information about the authenticated session, which can be leveraged for session hijacking.
CVSS Information
N/A
Vulnerability Type
通过GET请求中的查询字符串导致的信息暴露
Vulnerability Title
Optimizely Configured Commerce 安全漏洞
Vulnerability Description
Optimizely Configured Commerce是Optimizely公司的一个组合型商务平台。 Optimizely Configured Commerce 5.2.2408之前版本存在安全漏洞,该漏洞源于会泄露有关经过身份验证的会话的信息。
CVSS Information
N/A
Vulnerability Type
N/A