A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.
Metrics
Affected Vendors & Products
References
History
Sun, 22 Dec 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-12-22T00:00:00
Updated: 2024-12-22T21:09:53.533331
Reserved: 2024-12-18T00:00:00
Link: CVE-2024-56314
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-22T22:15:06.670
Modified: 2024-12-22T22:15:06.670
Link: CVE-2024-56314
Redhat
No data.