VYPR
Unrated severityNVD Advisory· Published Aug 16, 2022· Updated Sep 17, 2024

An open redirect vulnerability exists in CERT/CC VINCE software prior to version 1.50.0

CVE-2022-25799

Description

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious site that is designed to impersonate a legitimate website. The attacker could trick the user and potentially acquire sensitive information such as the user's credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • CERTCC/Vincellm-fuzzy
    Range: <1.50.0
  • CERT/CC/VINCE - The Vulnerability Information and Coordination Environmentv5
    Range: 1.50.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.