PT-2022-17525 · Unknown · Cert/Cc Vince

Jlleitschuh +1 · Published 2022-08-16 · Updated 2022-11-16 · CVE-2022-25799

CVSS v3.1: 6.1 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

CERT/CC VINCE versions prior to 1.50.0

Description

An open redirect issue exists, allowing an attacker to send a specially crafted URL link that, when clicked by an authenticated user, could redirect the user's browser to a malicious site impersonating a legitimate website. This could potentially lead to the acquisition of sensitive information, such as user credentials.

Recommendations

For versions prior to 1.50.0, update to version 1.50.0 or later to resolve the issue. As a temporary workaround, consider avoiding clicking on links from untrusted sources and verifying the authenticity of websites before entering sensitive information. Restrict access to the software until the update is applied to minimize the risk of exploitation.

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2022-25799

Affected Products

Cert/Cc Vince