MEDIUM
Verint
CVE published 2026-05-14
CVE-2026-21730
A stored cross-site scripting (XSS) vulnerability in Verint Verba Collaboration Compliance and Quality Management Platform allows unauthenticated remote attackers to inject malicious JavaScript payloads via the username field during failed login attempts. The unsanitized input is persisted in application logs and executes in an administrator's browser when viewing logs. The vendor was notified but did not [truncated]