5 matches found
CVE-2019-13029
Multiple stored Cross-site scripting XSS issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser...
CVE-2019-13029
creationtimestamp| type| source ---|---|--- 2025-03-19 20:18:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8145...
REDCap Cross Site Scripting
Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. - Location example:...
REDCap 9.1.2 - Cross-Site Scripting
REDCap 9.1.2 - Cross-Site Scripting Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. -...
CVE-2019-13029
CVE-2019-13029 describes multiple stored XSS flaws in REDCap’s admin panel and survey system, affecting REDCap 8 prior to 8.10.20 and REDCap 9 prior to 9.1.2. The vulnerability allows an attacker with admin privileges to inject arbitrary HTML/JavaScript into a user’s browser, with the project nam...