Nice
Products
2- 7 CVEs
- 2 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-59902 | Hig | 0.46 | — | 0.00 | Feb 3, 2026 | HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session. The injected HTML is included in the body of the email… | ||
| CVE-2021-30480 | 0.01 | — | 0.06 | Apr 9, 2021 | Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific… | |||
| CVE-2021-33488 | 0.00 | — | 0.01 | Nov 22, 2021 | chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook. | |||
| CVE-2020-15948 | 0.00 | — | 0.01 | Jul 28, 2021 | eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. | |||
| CVE-2019-13976 | 0.00 | — | 0.02 | Sep 4, 2019 | eGain Chat 15.0.3 allows unrestricted file upload. | |||
| CVE-2019-13975 | 0.00 | — | 0.01 | Sep 4, 2019 | eGain Chat 15.0.3 allows HTML Injection. | |||
| CVE-2014-4308 | 0.00 | — | 0.01 | Jun 18, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to (2)… | |||
| CVE-2014-4305 | 0.00 | — | 0.02 | Jun 18, 2014 | Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2005-2036 | 0.00 | — | 0.02 | Jun 16, 2005 | modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value. |
- risk 0.46cvss —epss 0.00
HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameters during a chat session. The injected HTML is included in the body of the email…
- CVE-2021-30480Apr 9, 2021risk 0.01cvss —epss 0.06
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific…
- CVE-2021-33488Nov 22, 2021risk 0.00cvss —epss 0.01
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.
- CVE-2020-15948Jul 28, 2021risk 0.00cvss —epss 0.01
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
- CVE-2019-13976Sep 4, 2019risk 0.00cvss —epss 0.02
eGain Chat 15.0.3 allows unrestricted file upload.
- CVE-2019-13975Sep 4, 2019risk 0.00cvss —epss 0.01
eGain Chat 15.0.3 allows HTML Injection.
- CVE-2014-4308Jun 18, 2014risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to (2)…
- CVE-2014-4305Jun 18, 2014risk 0.00cvss —epss 0.02
Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
- CVE-2005-2036Jun 16, 2005risk 0.00cvss —epss 0.02
modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value.