Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected).
Published July 25, 2021.
Nchsoftware Ivm Attendant
