CVE-2019-17176 2019-10-11T17:15:08.917-04:00 2019-10-15T08:05:14.900-04:00 MISC https://docs.genesys.com/Documentation/ES MISC https://docs.genesys.com/extensions/Repository/cache2/public/eServices/8.1/mm_81advisory.html MISC https://gist.github.com/MortalP0ison/2225f19abd173548c884ccc2acb9a398 MISC https://gist.github.com/MortalP0ison/5fd584b4c85fa13281fdc918913446fa MISC https://twitter.com/@Mortal_Poison_ MISC https://xecure-labs.com Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).