Verint Workforce_optimization
6 CVEs affecting Verint Workforce_optimization. Latest disclosed: 2024-06-13. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36396 | High | 8.8 | 2024-06-13 | Verint - CWE-434: Unrestricted Upload of File with Dangerous Type |
CVE-2024-36395 | Medium | 6.1 | 2024-06-13 | Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) |
CVE-2021-36450 | Medium | 6.1 | 2021-12-15 | Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. |
CVE-2020-13480 | Medium | 5.4 | 2020-06-22 | Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. |
CVE-2021-41825 | Medium | 5.3 | 2021-10-08 | Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. |
CVE-2020-23446 | Medium | 5.3 | 2020-09-22 | Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API |