CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Verint - CWE-434: Unrestricted Upload of File with Dangerous Type |
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) |
1Verint 1Workforce Optimization Nov 21, 2024 Dec 15, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. |
1Verint 1Workforce Optimization Nov 21, 2024 Oct 8, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. |
1Verint 1Workforce Optimization Nov 21, 2024 Sep 22, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API |
1Verint 1Workforce Optimization Nov 21, 2024 Jun 22, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. |