exploitDog

GHSA-mjf7-37pm-5wf4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.

In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.

Ссылки

EPSS

Процентиль: 51%

0.00278

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-37470

CVSS3: 5.4

nvd

больше 4 лет назад

In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.

EPSS

Процентиль: 51%

0.00278

Низкий

CVE ID

Дефекты

CWE-79