Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-40248

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2022-40248
  • Cert » Vince » Version: N/A
    cpe:2.3:a:cert:vince:-
  • Cert » Vince » Version: 1.48.0
    cpe:2.3:a:cert:vince:1.48.0
  • Cert » Vince » Version: 1.49.0
    cpe:2.3:a:cert:vince:1.49.0
  • Cert » Vince » Version: 1.50.0
    cpe:2.3:a:cert:vince:1.50.0
  • Cert » Vince » Version: 1.50.1
    cpe:2.3:a:cert:vince:1.50.1
  • Cert » Vince » Version: 1.50.2
    cpe:2.3:a:cert:vince:1.50.2
  • Cert » Vince » Version: 1.50.3
    cpe:2.3:a:cert:vince:1.50.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved