Описание
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website. Thus, this allows malicious actions to be executed without user consent.
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website. Thus, this allows malicious actions to be executed without user consent.
Связанные уязвимости
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website. Thus, this allows malicious actions to be executed without user consent.