6 matches found
EUVD-2025-56311
Malicious code in yanti-tahu48-sluey npm...
CVE-2025-56311
creationtimestamp| type| source ---|---|--- 2025-09-23 20:36:54+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115255529504853039...
CVE-2024-56311
REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery CSRF attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This...
CVE-2024-56311
REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery CSRF attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This...
CVE-2024-56311
REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery CSRF attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This...
CVE-2024-56311
CVE-2024-56311 affects REDCap’s calendar notes feature where CSRF protection is missing on logout. Affected versions range from REDCap 14.9.6 (and up to 15.0.0 per PTSecurity) with notes-based logout potentially terminating sessions when a user accesses a calendar note. Root cause: lack of CSRF p...