Contact Center Security Vulnerabilities and Issues — Contact Center CVE List

Lucene search

SapContact Center

4 matches found

CVE•added 2021/09/14 12:15 p.m.•39 views

CVE-2021-33673

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting (XSS) vulnerability when a user browses through the employee directory and to execute arbitrary code ...

8.3CVSS5.8AI score0.00327EPSS

CVE•added 2021/09/14 12:15 p.m.•38 views

CVE-2021-33675

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting (XSS) vulnerability through phishing and to execute arbitrary code on the victim's browser.

6.1CVSS6AI score0.00295EPSS

CVE•added 2021/09/14 12:15 p.m.•36 views

CVE-2021-33674

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting (XSS) vulnerability when creating a new email and to execute arbitrary code on the victim's browser.

6.5CVSS6AI score0.00265EPSS

CVE•added 2021/09/14 12:15 p.m.•35 views

CVE-2021-33672

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the att...

9.6CVSS9.2AI score0.00269EPSS