NCH IVM Attendant is an application of nch. A cross-site scripting vulnerability exists in NCH IVM Attendant, which stems from the productβs Mailbox name failing to properly filter incoming data for special characters, and could be exploited by attackers to execute client-side code.