Vulnerabilities > Adobe > Commerce B2B > 1.5.1

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-27189 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce B2B
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could be exploited to cause a denial-of-service condition.
network
low complexity
adobe CWE-352
4.3
4.3
2025-04-08 CVE-2025-27191 Improper Access Control vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-284
5.3
5.3
2025-04-08 CVE-2025-27192 Insufficiently Protected Credentials vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass.
network
low complexity
adobe CWE-522
2.7
2.7