Unrated severityNVD Advisory· Published Oct 10, 2022· Updated Aug 3, 2024
An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4
CVE-2022-40248
Description
An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CERT/CC/VINCE - The Vulnerability Information and Coordination Environmentv5Range: 1.48.0
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.