exploitDog

GHSA-5cvm-9gmj-pww2

Опубликовано: 12 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.

Ссылки

EPSS

Процентиль: 64%

0.00464

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-42715

CVSS3: 6.1

nvd

больше 3 лет назад

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.

EPSS

Процентиль: 64%

0.00464

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79