Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-40248

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.1%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2022-40248
  • Cert » Vince » Version: N/A
    cpe:2.3:a:cert:vince:-
  • Cert » Vince » Version: 1.48.0
    cpe:2.3:a:cert:vince:1.48.0
  • Cert » Vince » Version: 1.49.0
    cpe:2.3:a:cert:vince:1.49.0
  • Cert » Vince » Version: 1.50.0
    cpe:2.3:a:cert:vince:1.50.0
  • Cert » Vince » Version: 1.50.1
    cpe:2.3:a:cert:vince:1.50.1
  • Cert » Vince » Version: 1.50.2
    cpe:2.3:a:cert:vince:1.50.2
  • Cert » Vince » Version: 1.50.3
    cpe:2.3:a:cert:vince:1.50.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved