Reflected Cross-Site Scripting (XSS) Vulnerability in Vinteo VCC v2.36.4

Reflected Cross-Site Scripting (XSS) Vulnerability in Vinteo VCC v2.36.4

CVE-2022-48020 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser.

Learn more about our User Device Pen Test.