Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-27359
HistoryOct 31, 2020 - 4:22 p.m.

CVE-2020-27359

2020-10-3116:22:03
mitre
www.cve.org
9
xss
redcap
8.11.6
9.x
javascript
html
image
file
admins

EPSS

0.001

Percentile

26.9%

JSON

A cross-site scripting (XSS) issue in REDCap 8.11.6 through 9.x before 10 allows attackers to inject arbitrary JavaScript or HTML in the Messenger feature. It was found that the filename of the image or file attached in a message could be used to perform this XSS attack. A user could craft a message and send it to anyone on the platform including admins. The XSS payload would execute on the other account without interaction from the user on several pages.

Related

prion 1
nvd 1
cve 1
githubexploit 1
prion
prion
Cross site scripting
2020-11-02 21:15:00
nvd
nvd
CVE-2020-27359
2020-11-02 21:15:28
cve
cve
CVE-2020-27359
2020-11-02 21:15:28
githubexploit
githubexploit
Exploit for Incorrect Default Permissions in Vanderbilt Redcap
2020-11-02 04:54:52

EPSS

0.001

Percentile

26.9%

JSON
Related for CVELIST:CVE-2020-27359
prion1nvd1cve1githubexploit1