verint 漏洞與 CVE 列表(17)

產品(CPE): — CVE 數: 17

verint 漏洞概覽

彙總 verint 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 跨站腳本與CSRF 等問題,部分漏洞可能導致 工作階段劫持,並影響 生產負載與軟體部署 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11717 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-21730 Verba is affected by a Stored Cross-Site Scripting (XSS) vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and password combination, the supplied username value is recorded in the application logs. Due to lack of input sanitization, an attacker can inject a malicious XSS payload into the username field. This payload will be executed in the context of the administrator’s browser when the admin accesses the web [email protected] 5.3 0.21% 2026-05-14 2026-06-17
CVE-2024-36396 Verint - CWE-434: Unrestricted Upload of File with Dangerous Type [email protected] 8.8 0.44% 2024-06-13 2026-06-17
CVE-2024-36395 Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) [email protected] 6.1 0.25% 2024-06-13 2026-06-17
CVE-2023-33257 Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat. [email protected] 5.4 0.35% 2023-08-02 2026-06-17
CVE-2020-12744 The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair. [email protected] 7.8 0.19% 2022-10-20 2026-06-16
CVE-2021-36450 Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter. [email protected] 6.1 69.43% 2021-12-15 2026-07-04
CVE-2021-41825 Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter. [email protected] 5.3 1.06% 2021-10-08 2026-06-17
CVE-2020-23446 Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API [email protected] 5.3 1.46% 2020-09-22 2026-07-04
CVE-2020-24057 The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as 'root'. [email protected] 8.8 5.48% 2020-08-21 2026-06-16
CVE-2020-24056 A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols. [email protected] 7.5 1.25% 2020-08-21 2026-06-16
CVE-2020-24055 Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication. [email protected] 9.8 1.62% 2020-08-21 2026-06-16
CVE-2019-12784 An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and potentially compromise valid credentials without ever sending any traffic from their own machine to the target site. [email protected] 8.8 0.69% 2020-07-14 2026-06-16
CVE-2019-12783 An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess and potentially compromise valid credentials without ever sending any traffic from their own machine to the target site. [email protected] 6.1 0.86% 2020-07-14 2026-06-16
CVE-2019-12773 An issue was discovered in Verint Impact 360 15.1. At wfo/help/help_popup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link. [email protected] 6.1 0.84% 2020-07-14 2026-06-16
CVE-2020-13480 Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature. [email protected] 5.4 0.98% 2020-06-22 2026-06-16
CVE-2018-17872 Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions. [email protected] 8.8 2.24% 2018-10-04 2026-06-16
CVE-2018-17871 Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control. [email protected] 6.5 1.79% 2018-10-04 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence