CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

CNVD•added 2021/12/19 12:0 a.m.•23 views

Verint Systems Verint Workforce Optimization Cross-Site Scripting Vulnerability

Verint Systems Verint Workforce Optimization WFO is a workforce performance management solution from Verint Systems, Inc. A cross-site scripting vulnerability exists in version 8.10048, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploi...

6.1CVSS2.9AI score0.20063EPSS

Exploits1References1

Prion•added 2021/12/15 7:15 a.m.•15 views

Cross site scripting

Verint Workforce Optimization WFO 15.2.8.10048 allows XSS via the control/mynotifications NEWUINAV parameter...

4.3CVSS5.9AI score0.20063EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/12/15 6:55 a.m.•12 views

CVE-2021-36450

Verint Workforce Optimization WFO 15.2.8.10048 allows XSS via the control/mynotifications NEWUINAV parameter...

6.1AI score0.20063EPSS

Exploits1References3

CVE•added 2021/12/15 6:55 a.m.•53 views

CVE-2021-36450

Verint Workforce Optimization (WFO) 15.2.8.10048 is vulnerable to Cross-Site Scripting via the control/my_notifications NEWUINAV parameter. The root cause is improper validation/output handling that allows injection of script code, potentially enabling browser-based attacks such as session hijack...

6.1CVSS5.9AI score0.20063EPSS

Exploits1References3Affected Software1

NVD•added 2021/10/08 4:15 p.m.•8 views

CVE-2021-41825

Verint Workforce Optimization WFO 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter...

5.3CVSS0.00368EPSS

Exploits1References2

Prion•added 2021/10/08 4:15 p.m.•9 views

Design/Logic Flaw

Verint Workforce Optimization WFO 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter...

5CVSS5.5AI score0.00368EPSS

Exploits1References2Affected Software1

CVE•added 2021/10/08 3:7 p.m.•35 views

CVE-2021-41825

Verint Workforce Optimization (WFO) 15.2.5.1033 contains an HTML injection vulnerability in the /wfo/control/signin username parameter. The issue is documented across multiple sources (NVD/CVE and Red Hat advisories) and is confirmed by connected records. The root cause is an HTML injection flaw ...

5.3CVSS5.4AI score0.00368EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/10/08 3:7 p.m.•11 views

CVE-2021-41825

Verint Workforce Optimization WFO 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter...

5.8AI score0.00368EPSS

Exploits1References2

NVD•added 2020/09/22 2:15 p.m.•7 views

CVE-2020-23446

Verint Workforce Optimization suite 15.1 15.1.0.37634 has Unauthenticated Information Disclosure via API...

5.3CVSS0.00455EPSS

Exploits1References3

Prion•added 2020/09/22 2:15 p.m.•10 views

Information disclosure

Verint Workforce Optimization suite 15.1 15.1.0.37634 has Unauthenticated Information Disclosure via API...

5CVSS5.2AI score0.00455EPSS

Exploits1References3Affected Software1

OSV•added 2020/07/14 8:15 p.m.•0 views

CVE-2019-12784

An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and...

8.8CVSS6.7AI score0.00227EPSS

Exploits2References2

Prion•added 2020/06/22 6:15 p.m.•10 views

Design/Logic Flaw

Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...

3.5CVSS5.7AI score0.00254EPSS

Exploits1References3Affected Software1

CVE•added 2020/06/22 5:31 p.m.•36 views

CVE-2020-13480

The connected records confirm CVE-2020-13480 affects Verint Workforce Optimization (WFO) version 15.2 and is caused by HTML injection via the Send Email feature. The vulnerability details indicate an injection in a functional path that could affect email composition/handling within WFO. No exploi...

5.4CVSS5.7AI score0.00254EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by