Lucene search
K
VerintWorkforce Optimization

6 matches found

CVE
CVE
added 2024/06/13 12:33 p.m.64 views

CVE-2024-36396

Verified details for CVE-2024-36396 show an affected Verint product: Verint Workforce Optimization (WFO). The vulnerability is CWE-434: Unrestricted Upload of File with Dangerous Type, rooted in a code issue in Verint WFO version 15.2.918.262. This could allow uploading dangerous files via the im...

8.8CVSS8.8AI score0.00438EPSS
CVE
CVE
added 2021/12/15 6:55 a.m.59 views

CVE-2021-36450

Verint Workforce Optimization (WFO) 15.2.8.10048 is vulnerable to Cross-Site Scripting via the control/my_notifications NEWUINAV parameter. The root cause is improper validation/output handling that allows injection of script code, potentially enabling browser-based attacks such as session hijack...

6.1CVSS5.9AI score0.68856EPSS
CVE
CVE
added 2024/06/13 12:32 p.m.51 views

CVE-2024-36395

Verint Workforce Optimization (WFO) is affected by a cross-site scripting (XSS) vulnerability (CWE-80) caused by improper neutralization of script-related HTML tags in web pages. The CNNVD entry cites Verint WFO version 15.2.918.262 as affected. Root cause: improper HTML/script tag handling. Impa...

6.1CVSS6.2AI score0.00254EPSS
CVE
CVE
added 2021/10/08 3:7 p.m.45 views

CVE-2021-41825

Verint Workforce Optimization (WFO) 15.2.5.1033 contains an HTML injection vulnerability in the /wfo/control/signin username parameter. The issue is documented across multiple sources (NVD/CVE and Red Hat advisories) and is confirmed by connected records. The root cause is an HTML injection flaw ...

5.3CVSS5.4AI score0.01057EPSS
Web
CVE
CVE
added 2020/06/22 5:31 p.m.41 views

CVE-2020-13480

The connected records confirm CVE-2020-13480 affects Verint Workforce Optimization (WFO) version 15.2 and is caused by HTML injection via the Send Email feature. The vulnerability details indicate an injection in a functional path that could affect email composition/handling within WFO. No exploi...

5.4CVSS5.7AI score0.00979EPSS
CVE
CVE
added 2020/09/22 1:24 p.m.41 views

CVE-2020-23446

CVE-2020-23446 affects Verint Workforce Optimization suite 15.1 (15.1.0.37634), with an Unauthenticated Information Disclosure via API. The connected sources consistently describe a vulnerable API surface that can leak information without authentication. No exploit specifics or vendor-mitigations...

5.3CVSS5.2AI score0.0146EPSS