CVE-2022-25799
CERT/CC VINCE is affected by an open redirect vulnerability in versions prior to 1.50.0. An attacker can craft a URL that, when an authenticated user clicks it, redirects the user’s browser to a malicious site impersonating a legitimate one, potentially enabling credential exposure. The issue’s r...