VYPR
Unrated severityNVD Advisory· Published Oct 10, 2022· Updated Aug 3, 2024

An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4

CVE-2022-40248

Description

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • CERTCC/Vincellm-fuzzy
    Range: <1.50.4
  • CERT/CC/VINCE - The Vulnerability Information and Coordination Environmentv5
    Range: 1.48.0

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.