{"vulnerability": "CVE-2022-40257", "sightings": [{"uuid": "52077ae3-3e1b-478c-8a65-41812246d570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40257", "type": "seen", "source": "https://t.me/cibsecurity/51071", "content": "\u203c CVE-2022-40257 \u203c\n\nAn HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T00:25:13.000000Z"}]}