CVE-2022-40257 in VINCE
Riassunto
di MITRE • 11/10/2022
An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.