Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature.
5.4CVSS
5.7AI Score
0.001EPSS
Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API
5.3CVSS
5.2AI Score
0.002EPSS
Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.
6.1CVSS
5.9AI Score
0.003EPSS
Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.
5.3CVSS
5.4AI Score
0.001EPSS
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
6.1CVSS
6.3AI Score
0.0005EPSS
8.8CVSS
8.8AI Score
0.001EPSS