CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:nchsoftware:webdictate:*:*:*:*:*:*:*:*

Information

Published : 2021-07-25 14:15

Updated : 2021-07-30 09:50


NVD link : CVE-2021-37470

Mitre link : CVE-2021-37470


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

nchsoftware

  • webdictate