3 matches found
CVE-2021-30140
LiquidFiles 3.4.15 has stored XSS through the "send email" functionality when sending a file via email to an administrator. When a file has no extension and contains malicious HTML / JavaScript content such as SVG with HTML content, the payload is executed upon a click. This is fixed in 3.5...
Verint Workforce Optimization (WFO) Injection Vulnerability
Verint Workforce Optimization is a unified suite of software and services for capturing interactions and managing employee performance across an enterprise or target area. A security vulnerability exists in Verint Workforce Optimization WFO version 15.2. An attacker could exploit the vulnerabilit...
CVE-2020-13480
Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...