Lucene search

K
osvGoogleOSV:CVE-2022-40257
HistoryOct 10, 2022 - 8:15 p.m.

CVE-2022-40257

2022-10-1020:15:09
Google
osv.dev
3
html injection
cert/cc vince
software vulnerability
authenticated attacker

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

22.7%

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field.

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

22.7%

Related for OSV:CVE-2022-40257