Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/11 12:11 a.m.8 views

CVE-2025-12922

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...

8.8CVSS6.5AI score0.00525EPSS
Exploits0References1
OSV
OSV
added 2025/11/10 1:15 a.m.5 views

CVE-2025-12922

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...

8.8CVSS5.4AI score
Exploits0References5
NVD
NVD
added 2025/11/10 12:15 a.m.6 views

CVE-2025-12921

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...

8.8CVSS0.00517EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.7 views

OpenClinica Community Edition 安全漏洞

OpenClinica Community Edition is a clinical data management system from OpenClinica, Inc. in the United States. A security vulnerability exists in OpenClinica Community Edition versions 3.12.2 and 3.13, which stems from an incorrect manipulation of the parameter xmlfile in the file/ImportCRFData,...

8.8CVSS5AI score0.00517EPSS
Exploits1References5
CVE
CVE
added 2025/11/09 11:32 p.m.19 views

CVE-2025-12921

OpenClinica Community Edition vulnerable to XML injection in CRF Data Import, via /ImportCRFData?action=confirm with manipulated xml_file. Affected versions: up to 3.12.2/3.13. Attacker could exploit remotely; exploit has been disclosed publicly. Remediation is to upgrade to a newer release (vers...

8.8CVSS6.5AI score0.00517EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/11/09 11:32 p.m.14 views

CVE-2025-12921 OpenClinica Community Edition CRF Data Import ImportCRFData xml injection

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...

5.3CVSS0.00517EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/09 11:32 p.m.6 views

CVE-2025-12921 OpenClinica Community Edition CRF Data Import ImportCRFData xml injection

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...

5.3CVSS6.5AI score0.00517EPSS
Exploits1References5
Rows per page
Query Builder