2 matches found
CVE-2022-42715
A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution...
CVE-2022-42715
Affected software: REDCap (prior to 12.04.18). Vulnerability: Reflected XSS in the Alerts & Notifications upload feature. A crafted CSV file can cause arbitrary JavaScript execution in the user’s browser. Root cause / scope: Unclear from provided docs beyond the XSS result via CSV upload; the iss...