Optimizely Security Vulnerabilities (CVEs)

Track 10 security vulnerabilities affecting Optimizely products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

6 High

4 Medium

Sort by:

🔔 Get Alerts for Optimizely

CVE-2025-22385 5.9

Optimizely Configured Commerce versions before 5.2.2408 allow mass account creation without email confirmation for new accounts. This affects all B2B ...

Jan 4, 2025

CVE-2025-22386 7.3

This vulnerability allows session tokens from logged-out users to remain active and usable in Optimizely Configured Commerce B2B storefronts. Attacker...

Jan 4, 2025

CVE-2025-22387 7.5

This vulnerability in Optimizely Configured Commerce exposes session tokens in URL parameters, allowing attackers to hijack authenticated user session...

Jan 4, 2025

CVE-2025-22388 5.7

A stored cross-site scripting (XSS) vulnerability in Optimizely EPiServer CMS Core allows attackers to inject malicious JavaScript into content, links...

Jan 4, 2025

CVE-2025-22389 8.0

This vulnerability in Optimizely EPiServer CMS Core allows attackers to upload malicious files like .docm and .html due to improper file validation. W...

Jan 4, 2025

CVE-2025-22390 7.5

This vulnerability allows attackers to compromise user accounts through password attacks due to weak password requirements in Optimizely EPiServer CMS...

Jan 4, 2025

CVE-2025-22383 4.6

A cross-site scripting (XSS) vulnerability exists in Optimizely Configured Commerce's Contact Us functionality that allows visitors to inject unfilter...

Jan 4, 2025

CVE-2025-22384 7.5

This vulnerability allows attackers to purchase discontinued products by manipulating requests before they reach the server. It affects Optimizely Con...

Jan 4, 2025

CVE-2024-56173 4.7

This is a stored cross-site scripting (XSS) vulnerability in Optimizely Configured Commerce where malicious JavaScript in SVG documents can be injecte...

Dec 18, 2024

CVE-2024-56174 8.1

This vulnerability allows attackers to inject malicious scripts into Optimizely Configured Commerce search history, which then execute in users' brows...

Dec 18, 2024

Why Monitor Optimizely Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 10+ known vulnerabilities affecting Optimizely products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Optimizely packages in under 60 seconds. No agents required - completely agentless scanning that works across Optimizely deployments.

Free vulnerability database: Access detailed information about every Optimizely CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Optimizely CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Optimizely CVEs Free