Unrated severityNVD Advisory· Published Aug 16, 2022· Updated Sep 17, 2024
An open redirect vulnerability exists in CERT/CC VINCE software prior to version 1.50.0
CVE-2022-25799
Description
An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious site that is designed to impersonate a legitimate website. The attacker could trick the user and potentially acquire sensitive information such as the user's credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CERT/CC/VINCE - The Vulnerability Information and Coordination Environmentv5Range: 1.50.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.