Lucene search
+L

4 matches found

nvd
nvd
added 2025/01/09 11:15 p.m.15 views

CVE-2024-56376

A stored cross-site scripting XSS vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the received message, the crafted payload is executed, potentially enabling the execution of arbitrary web...

5.4CVSS0.00392EPSS
Exploits1References2
circl
circl
added 2025/01/09 10:57 p.m.9 views

CVE-2024-56376

creationtimestamp| type| source ---|---|--- 2025-01-09 22:57:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113800867405477443 2025-01-09 23:14:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1111 2025-01-09 23:15:27+00:00| seen|...

5.4CVSS4.8AI score0.00392EPSS
Exploits1References5
cve
cve
added 2025/01/09 12:0 a.m.56 views

CVE-2024-56376

CVE-2024-56376 is a stored XSS in REDCap 14.9.6’s built-in messenger. Authenticated users can inject malicious scripts into the message field, and the payload executes when the recipient clicks the message, enabling potential arbitrary web-script execution. No fix details are provided in the init...

5.4CVSS5.6AI score0.00392EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2025/01/09 12:0 a.m.18 views

CVE-2024-56376

A stored cross-site scripting XSS vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the received message, the crafted payload is executed, potentially enabling the execution of arbitrary web...

5.4CVSS0.00392EPSS
Exploits1References2
Rows per page
Query Builder