Redcap Security Vulnerabilities and Issues — Redcap CVE List

Lucene search

VanderbiltRedcap

2 matches found

CVE•added 2022/04/13 4:15 p.m.•77 views

CVE-2021-42136

A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote attackers to execute JavaScript code in the client's browser by storing said code as a Missing Data Code value. This can then be leveraged to execute a Cross-Site Request ...

9CVSS8.4AI score0.01758EPSS

CVE•added 2024/03/21 2:48 a.m.•26 views

CVE-2023-38825

SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a remote attacker to obtain sensitive information via the password reset mechanism in MyCapMobileApp/update.php.

9.8CVSS7.4AI score0.00065EPSS