Vulnerability in N/a
CVE-2021-36450
Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.
EPSS: 0.664 (99.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- verint.com (x_refsource_MISC)
- sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html (x_refsource_MISC)
- medium.com/@1nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740 (x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-36450?
- CVE-2021-36450 is a vulnerability in N/a. Published 2021-12-15.
- Is CVE-2021-36450 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.