3 matches found
CVE-2022-40248
creationtimestamp| type| source ---|---|--- 2022-10-11 00:25:19+00:00| seen| https://t.me/cibsecurity/51077...
CVE-2022-40248 An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4
An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field...
CVE-2022-40248
CERT/CC VINCE is affected by an HTML injection vulnerability in versions prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via the Product Affected field in a form, potentially impacting data or UI integrity. The vulnerability has been consistently described across multiple sou...