Lucene search

[email protected]NVD:CVE-2013-4608

HistoryJun 17, 2013 - 11:38 a.m.

CVE-2013-4608

2013-06-1711:38:53

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

47.3%

JSON

Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.

Affected configurations

Nvd

Node

project-redcapredcapMatch4.13.18

project-redcapredcapMatch4.14.5

project-redcapredcapMatch4.14.6

project-redcapredcapMatch4.15.0

project-redcapredcapMatch4.15.1

project-redcapredcapMatch4.15.2

project-redcapredcapMatch4.15.3

project-redcapredcapMatch4.15.4

project-redcapredcapMatch5.0.0

project-redcapredcapMatch5.0.1

project-redcapredcapMatch5.0.2

project-redcapredcapMatch5.0.3

project-redcapredcapMatch5.0.4

vanderbiltredcapRange≤5.0.5

vanderbiltredcapMatch4.14.0

vanderbiltredcapMatch4.14.1

vanderbiltredcapMatch4.14.2

vanderbiltredcapMatch4.14.3

vanderbiltredcapMatch4.14.4

VendorProductVersionCPE
project-redcapredcap4.13.18cpe:2.3:a:project-redcap:redcap:4.13.18:*:*:*:*:*:*:*
project-redcapredcap4.14.5cpe:2.3:a:project-redcap:redcap:4.14.5:*:*:*:*:*:*:*
project-redcapredcap4.14.6cpe:2.3:a:project-redcap:redcap:4.14.6:*:*:*:*:*:*:*
project-redcapredcap4.15.0cpe:2.3:a:project-redcap:redcap:4.15.0:*:*:*:*:*:*:*
project-redcapredcap4.15.1cpe:2.3:a:project-redcap:redcap:4.15.1:*:*:*:*:*:*:*
project-redcapredcap4.15.2cpe:2.3:a:project-redcap:redcap:4.15.2:*:*:*:*:*:*:*
project-redcapredcap4.15.3cpe:2.3:a:project-redcap:redcap:4.15.3:*:*:*:*:*:*:*
project-redcapredcap4.15.4cpe:2.3:a:project-redcap:redcap:4.15.4:*:*:*:*:*:*:*
project-redcapredcap5.0.0cpe:2.3:a:project-redcap:redcap:5.0.0:*:*:*:*:*:*:*
project-redcapredcap5.0.1cpe:2.3:a:project-redcap:redcap:5.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
project-redcap	redcap	4.13.18	cpe:2.3:a:project-redcap:redcap:4.13.18:::::::*
project-redcap	redcap	4.14.5	cpe:2.3:a:project-redcap:redcap:4.14.5:::::::*
project-redcap	redcap	4.14.6	cpe:2.3:a:project-redcap:redcap:4.14.6:::::::*
project-redcap	redcap	4.15.0	cpe:2.3:a:project-redcap:redcap:4.15.0:::::::*
project-redcap	redcap	4.15.1	cpe:2.3:a:project-redcap:redcap:4.15.1:::::::*
project-redcap	redcap	4.15.2	cpe:2.3:a:project-redcap:redcap:4.15.2:::::::*
project-redcap	redcap	4.15.3	cpe:2.3:a:project-redcap:redcap:4.15.3:::::::*
project-redcap	redcap	4.15.4	cpe:2.3:a:project-redcap:redcap:4.15.4:::::::*
project-redcap	redcap	5.0.0	cpe:2.3:a:project-redcap:redcap:5.0.0:::::::*
project-redcap	redcap	5.0.1	cpe:2.3:a:project-redcap:redcap:5.0.1:::::::*

Rows per page:

1-10 of 191

References

ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

47.3%

JSON

Related for NVD:CVE-2013-4608

cve1 cvelist1 prion1