Vulnerabilities > Verint > Workforce Optimization > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-36395 Unspecified vulnerability in Verint Workforce Optimization 15.2.918.262
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
network
low complexity
verint
6.1
2021-12-15 CVE-2021-36450 Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2.8.10048
Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.
network
low complexity
verint CWE-79
6.1
2021-10-08 CVE-2021-41825 Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2.5.1033
Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.
network
low complexity
verint CWE-79
5.3
2020-09-22 CVE-2020-23446 Authorization Bypass Through User-Controlled Key vulnerability in Verint Workforce Optimization 15.1.0.37634
Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API
network
low complexity
verint CWE-639
5.3
2020-06-22 CVE-2020-13480 Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2
Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature.
network
low complexity
verint CWE-79
5.4