exploitDog

CVE-2021-41825

Опубликовано: 08 окт. 2021

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.

Ссылки

https://0xy37.medium.com/my-first-cve-cve-2021-41825-verint-workforce-optimization-html-injection-6dd450e7f2af
Exploit
Third Party Advisory
https://www.verint.com/engagement/our-offerings/solutions/workforce-optimization/
Product
Vendor Advisory
https://0xy37.medium.com/my-first-cve-cve-2021-41825-verint-workforce-optimization-html-injection-6dd450e7f2af
Exploit
Third Party Advisory
https://www.verint.com/engagement/our-offerings/solutions/workforce-optimization/
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:verint:workforce_optimization:15.2.5.1033:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00456

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-f39v-q624-j2vx

CVSS3: 5.3

github

больше 3 лет назад

Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.

EPSS

Процентиль: 63%

0.00456

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79