4 matches found
CVE-2024-56376
A stored cross-site scripting XSS vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the received message, the crafted payload is executed, potentially enabling the execution of arbitrary web...
CVE-2024-56376
creationtimestamp| type| source ---|---|--- 2025-01-09 22:57:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113800867405477443 2025-01-09 23:14:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1111 2025-01-09 23:15:27+00:00| seen|...
CVE-2024-56376
CVE-2024-56376 is a stored XSS in REDCap 14.9.6’s built-in messenger. Authenticated users can inject malicious scripts into the message field, and the payload executes when the recipient clicks the message, enabling potential arbitrary web-script execution. No fix details are provided in the init...
CVE-2024-56376
A stored cross-site scripting XSS vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the received message, the crafted payload is executed, potentially enabling the execution of arbitrary web...