Cross-site scripting (XSS) vulnerability in REDCap prior to 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vanderbilt redcap 4.14.1 |
||
vanderbilt redcap |
||
vanderbilt redcap 4.14.0 |