4 matches found
CVE-2024-37395
A stored cross-site scripting XSS vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Survey Title' and 'Survey Instructions' fields. This vulnerability could be exploited by...
CVE-2024-56377
A stored cross-site scripting XSS vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a user receives a survey and clicks anywhere on the survey page to enter data, the crafted payload whic...
CVE-2024-56377
A stored cross-site scripting XSS vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a user receives a survey and clicks anywhere on the survey page to enter data, the crafted payload whic...
PT-2025-3274 · Redcap · Redcap
Name of the Vulnerable Software and Affected Versions: REDCap version 14.9.6 Description: A stored cross-site scripting XSS vulnerability in survey titles allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a user receives a survey and...