3 matches found
CVE-2021-37451
Cross Site Scripting XSS exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= reflected...
CVE-2021-37451
Cross Site Scripting XSS exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= reflected...
CVE-2021-37451
CVE-2021-37451 : A reflected XSS in NCH IVM Attendant exists in versions up to v5.12, exploitable via the web path /msglist?mbx= due to insufficient input validation. The issue is described with CVSS v3.1 base score 5.4 (MEDIUM) — attack vector: NETWORK, user interaction required, confidentiality...