CVE-2023-33725

Name of the Vulnerable Software and Affected Versions Broadleaf versions 5.x through 6.2.6-GA

Description The issue is related to a cross-site scripting (XSS) vulnerability that can be exploited via a customer signup with a crafted email address.

Recommendations For versions 5.x through 6.2.6-GA, update to version 6.2.6.1-GA or later to resolve the issue. For version 6.2.7-GA, no specific action is required as it is mentioned as containing a fix in one of the sources, but since 6.2.6.1-GA is explicitly stated as the fixed version in higher-priority sources, updating to 6.2.6.1-GA or later is recommended.