Input Validation Flaw in Optimizely Configured Commerce Affecting Contact Us Functionality
CVE-2025-22383
Currently unrated
What is CVE-2025-22383?
Optimizely Configured Commerce versions before 5.2.2408 contain a flaw in the input validation of the Contact Us feature. Under specific circumstances, users can submit messages whose resulting email includes unfiltered HTML markup. This could lead to various security concerns, including potential cross-site scripting (XSS) attacks. Affected users should apply the latest updates provided by Optimizely to mitigate the risks associated with this vulnerability.
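One way a Contact Us handler can neutralise submitted markup before it reaches an HTML email, shown beside the unescaped behaviour. This is an added Python illustration, not Optimizely's code or its fix; the field names, addresses and sample submission are assumptions constructed for the example.

```python
from email.message import EmailMessage
from html import escape

# Constructed sample submission (not taken from the advisory).
SAMPLE_FORM = {
    "name": "Pat <b>Example</b>",
    "email": "pat@customer.example",
    "message": "Order 1001 is late.\n<script>alert(1)</script>",
}
FIELDS = (("Name", "name"), ("Email", "email"), ("Message", "message"))


def build_contact_email(form, escape_html=True):
    """Build the staff notification for one Contact Us submission.

    escape_html=False interpolates the fields raw, reproducing the class of
    flaw described above; the default encodes them for an HTML context.
    """
    def enc(value):
        if not escape_html:
            return value
        # Encode & < > " ' first, then turn newlines into <br>.
        return escape(value, quote=True).replace("\n", "<br>")

    rows = "".join(
        f"<tr><th>{label}</th><td>{enc(str(form.get(key, '')))}</td></tr>"
        for label, key in FIELDS
    )
    msg = EmailMessage()
    msg["Subject"] = "Contact Us submission"
    msg["From"] = "noreply@shop.example"      # hypothetical addresses
    msg["To"] = "support@shop.example"
    # text/plain part: markup is inert here, so values go in unchanged.
    msg.set_content("\n".join(f"{l}: {form.get(k, '')}" for l, k in FIELDS))
    msg.add_alternative(
        f"<html><body><table>{rows}</table></body></html>", subtype="html"
    )
    return msg


def html_part(msg):
    """Return the decoded text/html body of the message."""
    return msg.get_body(preferencelist=("html",)).get_content()


if __name__ == "__main__":
    print(html_part(build_contact_email(SAMPLE_FORM)))
```

Encoding happens at the point where the value enters the HTML template, so the stored submission and the plain-text part keep the user's original text.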