Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
REDCap 跨站脚本漏洞
Vulnerability Description
REDCap是一款数据收集和管理Web应用程序。 REDCap 12.0.11 版本存在安全漏洞,该漏洞源于 ProjectGeneral/edit_project_settings.php 中存在存储跨站点脚本(XSS)问题。经过身份验证的远程攻击者利用该漏洞可通过 Messenger 功能和管理界面注入任意 JavaScript 或 HTML。
CVSS Information
N/A
Vulnerability Type
N/A