A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter.
History

Thu, 26 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-09T00:27:06.203Z

Reserved: 2023-07-10T00:00:00.000Z

Link: CVE-2023-37798

cve-icon Vulnrichment

Updated: 2026-07-09T00:27:06.203Z

cve-icon NVD

Status : Modified

Published: 2023-09-07T19:15:47.510

Modified: 2026-06-17T06:08:44.250

Link: CVE-2023-37798

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.