CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt