.. / CVE-2021-36450

Exploit for Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting (CVE-2021-36450)

Description:

Verint Workforce Optimization 15.2.8.10048 contains a cross-site scripting vulnerability via the control/my_notifications NEWUINAV parameter.

Nuclei Template

View the template here CVE-2021-36450.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-36450.yaml
Copy

References:

http://verint.com
https://medium.com/%401nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740
https://sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html
https://medium.com/@1nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740
https://nvd.nist.gov/vuln/detail/CVE-2021-36450