CVE-2021-37599
N/A
N/A
Summary
The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read the database (and execute code in some situations) via the txtPassword parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://slazarus.xyz/winscribe.html
- https://www.nuance.com/dragon/business-solutions/winscribe-dictation-workflow.html
References
- https://slazarus.xyz/winscribe.html
- https://www.nuance.com/dragon/business-solutions/winscribe-dictation-workflow.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.