Journalists from Bleeping Computer report that a reader reported the problem to them, who was very surprised to find several references to vulnerable systems listed in the “references” section in the CVE bulletin.
Typically, this section provides links to primary sources (report, blog post, PoC demo) that explain the vulnerability. Sometimes security bulletins do include links confirming the existence of a vulnerability, but usually they lead to [...]