Описание
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.0 (включая) до 8.10.2 (исключая)Версия от 9.0 (включая) до 9.1.2 (исключая)
Одно из
cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*
cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00327
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
больше 3 лет назад
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
EPSS
Процентиль: 55%
0.00327
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79