漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
REDCap 跨站脚本漏洞
Vulnerability Description
REDCap是一款数据收集和管理Web应用程序。 REDCap 12.0.11 版本存在安全漏洞,该漏洞源于 ProjectGeneral/edit_project_settings.php 中存在存储跨站点脚本(XSS)问题。经过身份验证的远程攻击者利用该漏洞可通过 Messenger 功能和管理界面注入任意 JavaScript 或 HTML。
CVSS Information
N/A
Vulnerability Type
N/A