Lucene search
HistoryAug 02, 2023 - 2:15 p.m.
CVE-2023-33257
verint
update 2023r2
html injection
live chat
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.3%
Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat.
Affected configurations
Node
verintengagement_managementMatch15.32023r2
References
Related
cvelist
cvelist
CVE-2023-33257
2023-08-02 00:00:00
prion
prion
Input validation
2023-08-02 14:15:00
cnvd
cnvd
Verint Engagement Management Cross-Site Scripting Vulnerability
2023-08-06 00:00:00
cve
cve
CVE-2023-33257
2023-08-02 14:15:10
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.3%
Related for NVD:CVE-2023-33257