6 matches found
EUVD-2024-53104
Malicious code in bioql PyPI...
EUVD-2023-41672
Malicious code in bioql PyPI...
CVE-2024-56314
A stored cross-site scripting XSS vulnerability in the Project name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the...
CVE-2024-56312
A stored cross-site scripting XSS vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2024-56312
A stored cross-site scripting XSS vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2024-56312
Summary: CVE-2024-56312 is a stored XSS vulnerability in REDCap’s Project Dashboard name field (affected up to version 14.9.6). An authenticated user can inject malicious scripts that execute when the Dashboard name is clicked. The issue stems from insufficient input validation in the name field ...