Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/03/20 3:46 p.m.11 views

CVE-2019-13029

Multiple stored Cross-site scripting XSS issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser...

4.8CVSS5.9AI score0.02469EPSS
Exploits4References1
circl
circl
added 2025/03/19 8:18 p.m.5 views

CVE-2019-13029

creationtimestamp| type| source ---|---|--- 2025-03-19 20:18:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8145...

4.8CVSS4.7AI score0.02469EPSS
Exploits4References1
packetstorm
packetstorm
added 2019/07/19 12:0 a.m.221 views

REDCap Cross Site Scripting

Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. - Location example:...

4.3CVSS5.2AI score0.02469EPSS
Exploits4
exploitpack
exploitpack
added 2019/07/19 12:0 a.m.48 views

REDCap 9.1.2 - Cross-Site Scripting

REDCap 9.1.2 - Cross-Site Scripting Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. -...

3.5CVSS5AI score0.02469EPSS
Exploits4
cve
cve
added 2019/07/11 6:52 p.m.113 views

CVE-2019-13029

CVE-2019-13029 describes multiple stored XSS flaws in REDCap’s admin panel and survey system, affecting REDCap 8 prior to 8.10.20 and REDCap 9 prior to 9.1.2. The vulnerability allows an attacker with admin privileges to inject arbitrary HTML/JavaScript into a user’s browser, with the project nam...

4.8CVSS5AI score0.02469EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder