CVE-2026-21730: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Verint Verba
Verint Verba contains a stored Cross-Site Scripting (XSS) vulnerability in its login logging mechanism. An unauthenticated attacker can inject malicious scripts via the username field during failed login attempts. These scripts are stored in application logs and executed in the administrator's browser when viewing logs. The issue was fixed in version 10.0.6. The vulnerability has a medium severity rating with a CVSS score of 5.3.
AI Analysis
Technical Summary
CVE-2026-21730 is a stored XSS vulnerability in Verint Verba's login logging feature. When an attacker submits a crafted username during a failed login, the input is logged without proper sanitization. This allows malicious script injection that executes in the context of an administrator's browser when accessing the log viewer. The vulnerability affects versions prior to 10.0.6, where it has been fixed. The CVSS 4.0 vector indicates network attack vector, low complexity, no privileges required, user interaction required, and low scope and impact metrics.
Potential Impact
An attacker can execute arbitrary scripts in the administrator's browser by injecting malicious payloads into the username field during failed login attempts. This could lead to session hijacking, unauthorized actions, or information disclosure within the admin interface. However, exploitation requires the administrator to view the logs containing the injected payload. The vulnerability is rated medium severity with a CVSS score of 5.3.
Mitigation Recommendations
Upgrade Verint Verba to version 10.0.6 or later, where this vulnerability has been fixed. Since the vendor has released an official fix, applying this update is the recommended remediation. Until the upgrade is applied, restrict administrative access to the log viewer to trusted personnel only to reduce risk.
CVE-2026-21730: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Verint Verba
Description
Verint Verba contains a stored Cross-Site Scripting (XSS) vulnerability in its login logging mechanism. An unauthenticated attacker can inject malicious scripts via the username field during failed login attempts. These scripts are stored in application logs and executed in the administrator's browser when viewing logs. The issue was fixed in version 10.0.6. The vulnerability has a medium severity rating with a CVSS score of 5.3.
CVSS v4.0
Score 5.3medium
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-21730 is a stored XSS vulnerability in Verint Verba's login logging feature. When an attacker submits a crafted username during a failed login, the input is logged without proper sanitization. This allows malicious script injection that executes in the context of an administrator's browser when accessing the log viewer. The vulnerability affects versions prior to 10.0.6, where it has been fixed. The CVSS 4.0 vector indicates network attack vector, low complexity, no privileges required, user interaction required, and low scope and impact metrics.
Potential Impact
An attacker can execute arbitrary scripts in the administrator's browser by injecting malicious payloads into the username field during failed login attempts. This could lead to session hijacking, unauthorized actions, or information disclosure within the admin interface. However, exploitation requires the administrator to view the logs containing the injected payload. The vulnerability is rated medium severity with a CVSS score of 5.3.
Mitigation Recommendations
Upgrade Verint Verba to version 10.0.6 or later, where this vulnerability has been fixed. Since the vendor has released an official fix, applying this update is the recommended remediation. Until the upgrade is applied, restrict administrative access to the log viewer to trusted personnel only to reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- CERT-PL
- Date Reserved
- 2026-01-05T11:45:11.492Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a05da75ec166c07b0e78b0a
Added to database: 5/14/2026, 2:21:41 PM
Last enriched: 5/21/2026, 3:46:33 PM
Last updated: 6/15/2026, 4:30:23 PM
Views: 59
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.