CVE-2023-33725

Broadleaf Commerce cross-site scripting | CVE-2023-33725

June 22, 2023

NAME__________Broadleaf Commerce cross-site scriptingPlatforms Affected:Broadleaf Commerce Broadleaf Commerce 5.1.14-GA Broadleaf Commerce Broadleaf Commerce 5.2.25-GARisk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Broadleaf Commerce is vulnerable...

CVE-2023-33725

Broadleaf Commerce cross-site scripting | CVE-2023-33725

HackerOne Bug Bounty Disclosure: default-admin-account-lead-to-full-access-control-at-hxxps-desk-demo-fareharbor-engineering-tuantv

HackerOne Bug Bounty Disclosure: rce-by-parsing-rdoc-options-in-rdoc-ooooooo-q

GoPhish Login Page Detected – 52[.]47[.]162[.]219:443

GoPhish Login Page Detected – 1[.]14[.]130[.]195:443

GoPhish Login Page Detected – 13[.]36[.]36[.]90:443

Broadleaf Commerce cross-site scripting | CVE-2023-33725

You may have missed

HackerOne Bug Bounty Disclosure: default-admin-account-lead-to-full-access-control-at-hxxps-desk-demo-fareharbor-engineering-tuantv

HackerOne Bug Bounty Disclosure: rce-by-parsing-rdoc-options-in-rdoc-ooooooo-q

GoPhish Login Page Detected – 52[.]47[.]162[.]219:443

GoPhish Login Page Detected – 1[.]14[.]130[.]195:443

GoPhish Login Page Detected – 13[.]36[.]36[.]90:443