Filtered by vendor Egain
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15948 | 1 Egain | 1 Chat | 2024-11-21 | 6.1 Medium |
| eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. | ||||
| CVE-2019-17123 | 1 Egain | 1 Mail | 2024-11-21 | 7.5 High |
| The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to /system/ws/v11/ss/email) are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. (Also, the message parameter can have initial HTML comment characters.) | ||||
| CVE-2019-13976 | 1 Egain | 1 Chat | 2024-11-21 | N/A |
| eGain Chat 15.0.3 allows unrestricted file upload. | ||||
| CVE-2019-13975 | 1 Egain | 1 Chat | 2024-11-21 | N/A |
| eGain Chat 15.0.3 allows HTML Injection. | ||||
Page 1 of 1.