EPSS
Percentile
24.8%
In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.
github.com/0xfml/poc/blob/main/NCH/WebDictate_2.13_XSS.md
www.nch.com.au/webdictate/index.html