Chat
by Nice
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13976 | Cri | 0.64 | 9.8 | 0.02 | Sep 4, 2019 | eGain Chat 15.0.3 allows unrestricted file upload. | ||
| CVE-2021-30480 | Hig | 0.56 | 8.5 | 0.06 | Apr 9, 2021 | Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific… | ||
| CVE-2025-59902 | Hig | 0.46 | — | 0.00 | Feb 3, 2026 | HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session. The injected HTML is included in the body of the email… | ||
| CVE-2021-33488 | Med | 0.40 | 6.1 | 0.01 | Nov 22, 2021 | chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook. | ||
| CVE-2020-15948 | Med | 0.40 | 6.1 | 0.01 | Jul 30, 2021 | eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. | ||
| CVE-2019-13975 | Med | 0.40 | 6.1 | 0.01 | Sep 4, 2019 | eGain Chat 15.0.3 allows HTML Injection. | ||
| CVE-2005-2036 | 0.00 | — | 0.02 | Jun 16, 2005 | modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value. |
- risk 0.64cvss 9.8epss 0.02
eGain Chat 15.0.3 allows unrestricted file upload.
- risk 0.56cvss 8.5epss 0.06
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific…
- risk 0.46cvss —epss 0.00
HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session. The injected HTML is included in the body of the email…
- risk 0.40cvss 6.1epss 0.01
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.
- risk 0.40cvss 6.1epss 0.01
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
- risk 0.40cvss 6.1epss 0.01
eGain Chat 15.0.3 allows HTML Injection.
- CVE-2005-2036Jun 16, 2005risk 0.00cvss —epss 0.02
modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value.