Vulnerabilidades en spree
7 resultadosCVE-2020-26223HIGHAuthorization bypass in SpreeEPSS 1.1%CVE-2020-15269HIGHExpired token reuse in SpreeEPSS 1.1%CVE-2026-25758HIGHSpree allows unauthenticated users can access all guest addressesEPSS 0.6%CVE-2021-41275CRITICALAuthentication Bypass by CSRF WeaknessEPSS 0.5%CVE-2026-25757HIGHUnauthenticated Spree Commerce users can view completed guest orders by Order IDEPSS 0.4%CVE-2026-22589HIGHSpree API has Unauthenticated IDOR - Guest AddressEPSS 0.4%CVE-2026-22588MEDIUMSpree API has Authenticated Insecure Direct Object Reference (IDOR) via Order ModificationEPSS 0.4%