Skip to main content

Workforce Optimization

6 CVEs product

Monthly

CVE-2024-36396 HIGH This Week

Verint - CWE-434: Unrestricted Upload of File with Dangerous Type. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Workforce Optimization
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-36395 MEDIUM This Month

Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Workforce Optimization
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2021-36450 MEDIUM POC THREAT This Month

Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 68.9%.

XSS Workforce Optimization
NVD VulDB
CVSS 3.1
6.1
EPSS
68.9%
Threat
4.8
CVE-2021-41825 MEDIUM POC This Month

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Workforce Optimization
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-23446 MEDIUM POC This Month

Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Information Disclosure Workforce Optimization
NVD VulDB
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-13480 MEDIUM POC This Month

Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Workforce Optimization
NVD
CVSS 3.1
5.4
EPSS
1.0%
EPSS 0% CVSS 8.8
HIGH This Week

Verint - CWE-434: Unrestricted Upload of File with Dangerous Type. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Workforce Optimization
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Workforce Optimization
NVD
EPSS 69% 4.8 CVSS 6.1
MEDIUM POC THREAT This Month

Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 68.9%.

XSS Workforce Optimization
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Workforce Optimization
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Information Disclosure Workforce Optimization
NVD VulDB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Workforce Optimization
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy