Filtered by vendor Verint
Subscribe
Search
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33257 | 1 Verint | 1 Engagement Management | 2023-08-04 | N/A | 5.4 MEDIUM |
| Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat. | |||||
| CVE-2021-41825 | 1 Verint | 1 Workforce Optimization | 2022-05-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. | |||||
| CVE-2021-36450 | 1 Verint | 1 Workforce Optimization | 2021-12-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. | |||||
| CVE-2020-23446 | 1 Verint | 1 Workforce Optimization | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API | |||||
| CVE-2020-13480 | 1 Verint | 1 Workforce Optimization | 2021-07-21 | 3.5 LOW | 5.4 MEDIUM |
| Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. | |||||
| CVE-2018-17871 | 1 Verint | 1 Verba Collaboration Compliance And Quality Management Platform | 2020-09-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control. | |||||
| CVE-2019-12783 | 1 Verint | 1 Impact 360 | 2020-07-16 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and potentially compromise valid credentials without ever sending any traffic from their own machine to the target site. | |||||
| CVE-2019-12773 | 1 Verint | 1 Impact 360 | 2020-07-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Verint Impact 360 15.1. At wfo/help/help_popup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link. | |||||