Security Advisory

CVE-2022-40248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-10 00:00:00

Last updated 2024-08-03 12:14:39

Assigner certcc

State PUBLISHED

Description

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field.

← Browse all CVEs View on cve.org ↗