A reflected XSS vulnerability exists in REDCap prior to 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vanderbilt redcap |