Redcap Security Vulnerabilities and Issues — Redcap CVE List

Lucene search

VanderbiltRedcap

6 matches found

CVE•added 2019/07/11 7:15 p.m.•88 views

CVE-2019-13029

Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.

4.8CVSS5AI score0.0039EPSS

CVE•added 2013/06/17 11:38 a.m.•40 views

CVE-2013-4612

Multiple cross-site scripting (XSS) vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules.

4.3CVSS5.8AI score0.00225EPSS

CVE•added 2013/06/17 11:38 a.m.•39 views

CVE-2012-6564

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00225EPSS

CVE•added 2013/06/17 11:38 a.m.•39 views

CVE-2013-4608

Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.

4.3CVSS5.8AI score0.00225EPSS

CVE•added 2013/06/17 11:38 a.m.•34 views

CVE-2012-6566

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00225EPSS

CVE•added 2020/11/02 9:15 p.m.•30 views

CVE-2020-27358

An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another's conversation threads by changing the thread_id parameter in the request to the endpoint Mes...

4.3CVSS4.8AI score0.03426EPSS