PT-2020-13564 · Verint · Verint Workforce Optimization

Published: 2020-06-22 · Updated: 2021-07-21 · CVE-2020-13480

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Verint Workforce Optimization (WFO) version 15.2

Description

The issue allows HTML injection via the "send email" feature. This could potentially lead to malicious activities such as phishing or cross-site scripting (XSS) attacks, where an attacker injects HTML code into a website, which is then executed by the user's browser.

Recommendations

For Verint Workforce Optimization (WFO) version 15.2, consider disabling the "send email" feature until a patch is available to prevent potential HTML injection attacks. Restrict access to this feature to minimize the risk of exploitation. Avoid using the "send email" feature in sensitive or untrusted environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2020-13480

Affected Products

Verint Workforce Optimization