Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
REDCap 安全漏洞
Vulnerability Description
REDCap是REDCap开源的一款数据收集和管理Web应用程序。 REDCap 15.0.0及之前版本存在安全漏洞,该漏洞源于注销功能缺乏跨站请求伪造保护,导致攻击者可以触发注销请求并终止他们的会话。
CVSS Information
N/A
Vulnerability Type
N/A