vanderbilt

Top products

The 15 most recently published vulnerabilities affecting vanderbilt.

• CVE-2024-55374REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts.5.3Jan 2, 2026
• CVE-2024-37396A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into th...5.4Jun 10, 2025
• CVE-2024-37395A stored cross-site scripting (XSS) vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload in...5.4Jun 10, 2025
• CVE-2024-37394A stored cross-site scripting (XSS) vulnerability in the Project Dashboards of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into t...5.4Jun 10, 2025
• CVE-2025-23113An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An at...3.4Jan 10, 2025
• CVE-2025-23112An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user ...6.1Jan 10, 2025
• CVE-2025-23111An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user t...4.7Jan 10, 2025
• CVE-2025-23110An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert ...6.1Jan 10, 2025
• CVE-2024-56377A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a...5.4Jan 9, 2025
• CVE-2024-56376A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the ...5.4Jan 9, 2025
• CVE-2024-56314A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project. When a user c...5.4Dec 22, 2024
• CVE-2024-56313A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the Notes field of a calendar event. W...5.4Dec 22, 2024
• CVE-2024-56312A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dash...5.4Dec 22, 2024
• CVE-2024-56311REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into ac...8.8Dec 22, 2024
• CVE-2024-56310REDCap through 14.9.6 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on...8.8Dec 22, 2024