GitHub - j00sean/CVE-2022-44666: Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.

https://github.com/j00sean/CVE-2022-44666

https://twitter.com/home/status/1626388165023125505

https://twitter.com/home/status/1626391650401665025

https://twitter.com/home/status/1626429647029440512

https://twitter.com/home/status/1626439202110840833

https://twitter.com/home/status/1626444916766441472

https://twitter.com/home/status/1626456640663724033

https://twitter.com/home/status/1626505055158370304

https://twitter.com/home/status/1626506420714885121

https://twitter.com/home/status/1626585868994772997

https://twitter.com/home/status/1626636728218812438