UCLA Health Security Operations

1 exploit Active since Oct 2022
CVE-2022-42715 WRITEUP MEDIUM WRITEUP
REDCap < 12.4.18 - Reflected Cross-Site Scripting via Alerts & Notifications CSV Upload
A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.
CVSS 6.1