A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes Functionality of REDCap 11.2.5 allows remote attackers to execute JavaScript code in the client’s browser by storing said code as a Missing Data Code value. This can then be leveraged to execute a Cross-Site Request Forgery attack to escalate privileges to administrator.
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku
Kaynak: National Vulnerability Database
