{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-25799","assignerOrgId":"37e5125f-f79b-445b-8fad-9564f167944b","assignerShortName":"certcc","datePublished":"2022-08-16T22:00:15.993Z","dateUpdated":"2024-09-17T02:06:51.198Z","dateReserved":"2022-02-22T00:00:00.000Z"},"containers":{"cna":{"title":"An open redirect vulnerability exists in CERT/CC VINCE software prior to version 1.50.0","datePublic":"2022-10-05T00:00:00.000Z","providerMetadata":{"orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc","dateUpdated":"2022-10-06T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious site that is designed to impersonate a legitimate website. The attacker could trick the user and potentially acquire sensitive information such as the user's credentials."}],"affected":[{"vendor":"CERT/CC","product":"VINCE - The Vulnerability Information and Coordination Environment","versions":[{"version":"1.50.0","status":"affected","lessThan":"1.50.0","versionType":"custom"}]}],"references":[{"url":"https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html"},{"url":"https://github.com/CERTCC/VINCE/issues/45"}],"credits":[{"lang":"en","value":"Jonathan Leitschuh discovered and reported this security vulnerability to CERT/CC"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-601 URL Redirection to Untrusted Site ('Open Redirect')","cweId":"CWE-601"}]}],"source":{"discovery":"EXTERNAL"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T04:49:43.465Z"},"title":"CVE Program Container","references":[{"url":"https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html","tags":["x_transferred"]},{"url":"https://github.com/CERTCC/VINCE/issues/45","tags":["x_transferred"]}]}]}}