CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

80 matches found

RedhatCVE•added 2026/01/09 10:58 a.m.•8 views

CVE-2025-23113

An issue was discovered in REDCap 14.9.6. It has an action=myprojects=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An attacker can send the victim a CSV file containing an HTML injection payload in the alert-title. Once the...

8.8CVSS7AI score0.00082EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:52 a.m.•3 views

CVE-2022-42715

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution...

6.1CVSS6.3AI score0.00489EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:17 a.m.•4 views

CVE-2025-23111

An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website...

6.1CVSS6.9AI score0.00099EPSS

Exploits0References1

NVD•added 2026/01/02 3:15 p.m.•1 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

5.3CVSS0.00034EPSS

Exploits0References2

CVE•added 2026/01/02 12:0 a.m.•6 views

CVE-2024-55374

REDCap 14.3.13 is affected by a username-enumeration vulnerability caused by an observable discrepancy between login attempts. The issue allows an attacker to enumerate valid usernames. Public details on exploitability, affected versions beyond 14.3.13, and a confirmed fix are not provided in the...

5.3CVSS6.5AI score0.00034EPSS

Exploits0References2Affected Software1