CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

325 matches found

RedhatCVE•added 2026/01/09 10:58 a.m.•8 views

CVE-2025-23113

An issue was discovered in REDCap 14.9.6. It has an action=myprojects=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An attacker can send the victim a CSV file containing an HTML injection payload in the alert-title. Once the...

8.8CVSS7AI score0.00082EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:52 a.m.•3 views

CVE-2022-42715

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution...

6.1CVSS6.3AI score0.00489EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:17 a.m.•4 views

CVE-2025-23111

An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website...

6.1CVSS6.9AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:17 a.m.•3 views

CVE-2025-23112

An issue was discovered in REDCap 14.9.6. A stored cross-site scripting XSS vulnerability allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user receive the survey, if he clicks on the field name, it triggers the XSS payload...

6.1CVSS4.8AI score0.00249EPSS

Exploits0References1

RedhatCVE•added 2026/01/03 12:33 a.m.•4 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

5.3CVSS6.9AI score0.00034EPSS

Exploits0References1

NVD•added 2026/01/02 3:15 p.m.•1 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

5.3CVSS0.00034EPSS

Exploits0References2

OSV•added 2026/01/02 3:15 p.m.•1 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

5.3CVSS5.8AI score0.00034EPSS

Exploits0References2

Positive Technologies•added 2026/01/02 12:0 a.m.•3 views

PT-2026-1067

Name of the Vulnerable Software and Affected Versions REDCap version 14.3.13 Description REDCap version 14.3.13 is affected by an issue that allows an attacker to enumerate usernames due to an observable discrepancy between login attempts. Recommendations At the moment, there is no information...

5.3CVSS6.5AI score0.00034EPSS

Exploits0References4

CVE•added 2026/01/02 12:0 a.m.•4 views

CVE-2024-55374

REDCap 14.3.13 is affected by a username-enumeration vulnerability caused by an observable discrepancy between login attempts. The issue allows an attacker to enumerate valid usernames. Public details on exploitability, affected versions beyond 14.3.13, and a confirmed fix are not provided in the...

5.3CVSS6.5AI score0.00034EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/01/02 12:0 a.m.•1 views

CVE-2024-55374

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts...

6.5AI score0.00034EPSS

Exploits0References2

CNNVD•added 2026/01/02 12:0 a.m.•2 views

REDCap 安全漏洞

REDCap is a data collection and management web application from REDCap Open Source. A security vulnerability exists in REDCap version 14.3.13 that stems from an observable difference between login attempts and could lead an attacker to enumerate usernames...

5.3CVSS6.7AI score0.00034EPSS

Exploits0References2