NA - CVE-2024-9134 - Multiple SQL Injection vulnerabilities exist in...
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on...
NA - CVE-2025-23110 - An issue was discovered in REDCap 14.9.6. A...
An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert...
NA - CVE-2025-23111 - An issue was discovered in REDCap 14.9.6. It...
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user...
NA - CVE-2025-23112 - An issue was discovered in REDCap 14.9.6. A...
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user...
NA - CVE-2025-23113 - An issue was discovered in REDCap 14.9.6. It...
An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An...
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system. ...