CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/22 8:5 p.m.•7 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.4CVSS6AI score0.00278EPSS

Exploits1References1

CNVD•added 2021/07/26 12:0 a.m.•13 views

NCH WebDictate Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in NCH WebDictate, a web-based dictation recording, editing, and management software, which stems from a failure of the product's Recipient Name field to properly validate user data, which could be exploited to add or modify affected fields...

5.4CVSS1.7AI score0.00278EPSS

Exploits1References1

OSV•added 2021/07/25 9:15 p.m.•2 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.4CVSS6.2AI score0.00278EPSS

Exploits1References2

NVD•added 2021/07/25 9:15 p.m.•6 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.4CVSS0.00278EPSS

Exploits1References2

Prion•added 2021/07/25 9:15 p.m.•8 views

Cross site scripting

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

3.5CVSS5.2AI score0.00278EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/07/25 8:8 p.m.•12 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.5AI score0.00278EPSS

Exploits1References2

CVE•added 2021/07/25 8:8 p.m.•58 views

CVE-2021-37470

CVE-2021-37470 : In NCH WebDictate v2.13, a persistent Cross-Site Scripting (XSS) flaw exists in the Recipient Name field. An authenticated user can modify this field to inject arbitrary JavaScript, enabling script execution associated with the user’s session. Documented references confirm the vu...

5.4CVSS5.2AI score0.00278EPSS

Exploits1References2Affected Software1