Maven package
org.broadleafcommerce/broadleaf
pkg:maven/org.broadleafcommerce/broadleaf
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-33725 | — | >= 5.0.0-GA, < 6.2.7-GA | 6.2.7-GA | Jun 21, 2023 | Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA. |
- CVE-2023-33725Jun 21, 2023affected >= 5.0.0-GA, < 6.2.7-GAfixed 6.2.7-GA
Broadleaf 5.x and 6.x (including 5.2.25-GA and 6.2.6-GA) was discovered to contain a cross-site scripting (XSS) vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA.