Lucene search
MitreCVELIST:CVE-2021-42136HistoryApr 13, 2022 - 3:32 p.m.
CVE-2021-42136
2022-04-1315:32:56
mitre
www.cve.org
4
vulnerability
cross-site scripting
redcap
missing data codes
remote attack
javascript
cross-site request forgery
privilege escalation
A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote attackers to execute JavaScript code in the client’s browser by storing said code as a Missing Data Code value. This can then be leveraged to execute a Cross-Site Request Forgery attack to escalate privileges to administrator.
Related
prion
prion
Cross site scripting
2022-04-13 16:15:00
zdt
zdt
REDCap 11.3.9 - Stored Cross Site Scripting Vulnerability
2022-04-19 00:00:00
REDCap Cross Site Scripting Vulnerability
2022-04-14 00:00:00
cve
cve
CVE-2021-42136
2022-04-13 16:15:09
nvd
nvd
CVE-2021-42136
2022-04-13 16:15:09
cnvd
cnvd
REDCap Cross-Site Scripting Vulnerability (CNVD-2022-81345)
2022-04-15 00:00:00
packetstorm
packetstorm
REDCap Cross Site Scripting
2022-04-14 00:00:00
exploitdb
exploitdb
REDCap 11.3.9 - Stored Cross Site Scripting
2022-04-19 00:00:00