Vulnerabilities > Spreecommerce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-17 | CVE-2021-41275 | Cross-Site Request Forgery (CSRF) vulnerability in Spreecommerce Spree Auth Devise spree_auth_devise is an open source library which provides authentication and authorization services for use with the Spree storefront framework by using an underlying Devise authentication framework. | 8.8 |
| 2020-11-13 | CVE-2020-26223 | Incorrect Authorization vulnerability in Spreecommerce Spree Spree is a complete open source e-commerce solution built with Ruby on Rails. | 6.5 |