The vulnerability of the CERT/CC VINCE software coordination mechanism lies in its lack of measures to neutralize special elements, allowing attackers to inject arbitrary HTML code.

The vulnerability of the CERT/CC VINCE software coordination mechanism exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code remotely, using the “Product Affected” field...

VINCE 跨站脚本漏洞

VINCE is a CERT Coordination Center in the United States CERT Coordination Center open source a CERT Coordination Center development and use of vulnerability information and coordination environment. Vulnerability disclosure for improved coordination. A cross-site scripting vulnerability exists i...