PT-2026-40928 · Verint · Verba+1

·

CVE-2026-21730

·

Published

2026-05-14

·

Updated

2026-06-01

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Verba versions prior to 10.0.6
Description A Stored Cross-Site Scripting (XSS) issue exists in the login logging mechanism. An unauthenticated remote attacker can inject a malicious payload into the username field during a failed login attempt. Because the application fails to sanitize this input, the payload is stored in the logs and subsequently executed in the administrator's browser when they access the log viewer.
Recommendations Update to version 10.0.6.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-21730

Affected Products

Verba
Verba Collaboration Compliance/Quality Management Platform