CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Cvelist•added 2026/02/03 9:28 a.m.•21 views

CVE-2025-59902 HTML injection in NICE Chat

HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session. The injected HTML is included in the body of the email sent by the system...

7.1CVSS0.00023EPSS

Exploits0References1

CVE•added 2025/10/22 8:22 a.m.•5 views

CVE-2025-11952

CVE-2025-11952 describes a stored XSS in Oct8ne Chatbot v2.3. The flaw arises from input validation failure when creating a mail transcript via /Records/SendSummaryMail, allowing injected JavaScript to run in a victim's browser. Impact stated: potential theft of sensitive data (e.g., session cook...

6.1CVSS5.9AI score0.00025EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/10/22 8:22 a.m.•4 views

CVE-2025-11952 Stored Cross-Site Scripting (XSS) in Oct8ne Chatbot

Stored Cross-site Scripting XSS in Oct8ne Chatbot v2.3. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting a malicious payload through the creation of a transcript that is sent by email. This vulnerability can be exploited to steal sensitive user...

5.3CVSS0.00025EPSS

Exploits0References1