Vulnerabilities > Oroinc > Orocommerce

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-32064 Improper Access Control vulnerability in Oroinc Orocommerce
OroCommerce package with customer portal and non authenticated visitor website base features.
network
low complexity
oroinc CWE-284
4.3
4.3
2023-11-28 CVE-2023-32065 Improper Access Control vulnerability in Oroinc Orocommerce
OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind.
network
low complexity
oroinc CWE-284
5.8
5.8
2023-10-09 CVE-2022-35950 Cross-site Scripting vulnerability in Oroinc Orocommerce
OroCommerce is an open-source Business to Business Commerce application.
network
low complexity
oroinc CWE-79
4.8
4.8
2022-10-18 CVE-2022-31037 Cross-site Scripting vulnerability in Oroinc Orocommerce
OroCommerce is an open-source Business to Business Commerce application.
network
low complexity
oroinc CWE-79
5.4
5.4