Lucene search

K
osvGoogleOSV:CVE-2022-40257
HistoryOct 10, 2022 - 8:15 p.m.

CVE-2022-40257

2022-10-1020:15:09
Google
osv.dev
3
html injection
cert/cc vince
software vulnerability
authenticated attacker

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field.

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

Related for OSV:CVE-2022-40257