Django · Django · CVE-2024-9953
**Name of the Vulnerable Software and Affected Versions**
CERT VINCE versions prior to 3.0.8
**Description**
A potential denial-of-service (DoS) issue exists due to the ability of an authenticated administrative user to inject an arbitrary pickle object into a user’s profile. This action may lead to a DoS condition when the profile is accessed. Although the Django server has restrictions in place to prevent server crashes by limiting unpickling, this issue could still cause operational disruptions.
**Recommendations**
For versions prior to 3.0.8, update to version 3.0.8 or later to resolve the issue. As a temporary workaround, consider restricting administrative access to prevent the injection of arbitrary pickle objects into user profiles.
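As an added illustration of the mitigation class involved (example code, not VINCE's or Django's own), the loader below treats a stored profile blob as untrusted: it caps the blob size and refuses any global outside a small allowlist, so a tampered profile degrades to a default (with a loggable reason) instead of raising when the profile page is rendered. `SAFE_GLOBALS`, `MAX_PROFILE_BYTES`, `load_profile` and the sample blobs are constructed assumptions.

```python
import collections
import io
import pickle

# Hypothetical allowlist: the only globals a stored profile may reference.
SAFE_GLOBALS = {
    ("builtins", "dict"), ("builtins", "list"), ("builtins", "set"),
    ("builtins", "str"), ("builtins", "int"), ("builtins", "bool"),
}
MAX_PROFILE_BYTES = 64 * 1024  # reject oversized blobs before parsing them


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global not on the allowlist."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


def load_profile(blob: bytes, default=None):
    """Deserialize a profile blob, falling back to `default` on any failure.

    Returns (profile, error): `error` is None on success, otherwise a short
    reason the caller can log instead of surfacing an exception to the user.
    """
    if default is None:
        default = {}
    if len(blob) > MAX_PROFILE_BYTES:
        return default, f"profile blob exceeds size limit ({len(blob)} bytes)"
    try:
        return RestrictedUnpickler(io.BytesIO(blob)).load(), None
    except Exception as exc:  # any unpickling failure means the blob is rejected
        return default, f"rejected profile blob: {exc}"


# Constructed sample blobs standing in for what might be written into a profile.
SAMPLES = {
    "plain": pickle.dumps({"theme": "dark", "groups": ["vince-users"]}),
    # references collections.OrderedDict, which is not on the allowlist
    "foreign_class": pickle.dumps(collections.OrderedDict(a=1)),
    "truncated": pickle.dumps({"theme": "dark"})[:-1],  # STOP opcode removed
    "oversized": pickle.dumps("x" * (MAX_PROFILE_BYTES + 1)),
}

if __name__ == "__main__":
    for label, blob in SAMPLES.items():
        print(label, "->", load_profile(blob))
```

Storing the profile as JSON rather than a pickle removes this class of issue entirely; the allowlist and size cap only contain it where pickle cannot yet be replaced.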