Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 11:58 p.m.6 views

CVE-2022-24127

A Stored Cross-Site Scripting XSS vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...

5.4CVSS5.7AI score0.00556EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:55 p.m.4 views

CVE-2022-24004

A Stored Cross-Site Scripting XSS vulnerability was discovered in Messenger/messengerajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title aka newtitle field when editing an existing conversation. The payload executes in the browser...

5.4CVSS5.5AI score0.01802EPSS
Exploits1References1
Prion
Prionadded 2022/06/15 7:15 p.m.18 views

Cross site scripting

A Stored Cross-Site Scripting XSS vulnerability was discovered in Messenger/messengerajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title aka newtitle field when editing an existing conversation. The payload executes in the browser...

3.5CVSS5.1AI score0.01802EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2022/06/15 7:15 p.m.7 views

Cross site scripting

A Stored Cross-Site Scripting XSS vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...

3.5CVSS5.2AI score0.01802EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2022/06/15 6:16 p.m.53 views

CVE-2022-24127

CVE-2022-24127 is a Stored XSS affecting REDCap 12.0.11. The vulnerability resides in ProjectGeneral/edit_project_settings.php (field app_title) where a user with project management permissions can inject arbitrary code, which is reflected in the page title tag. A related entry exists in Messenge...

5.4CVSS5.2AI score0.00556EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/06/15 6:16 p.m.14 views

CVE-2022-24127

A Stored Cross-Site Scripting XSS vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...

5.4AI score0.00556EPSS
Exploits1References2
CVE
CVEadded 2022/06/15 6:16 p.m.68 views

CVE-2022-24004

CVE-2022-24004 pertains to a Stored XSS in REDCap 12.0.11 affecting Messenger/messenger_ajax.php. The vulnerability allows any authenticated user editing an existing conversation to inject arbitrary code into the messenger title (new_title) field, with the payload then executing in the browsers o...

5.4CVSS5.1AI score0.01802EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder