CVE-2025-22384

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt