CVE-2012-6565

Vanderbilt Redcap < 4.14.2 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels.

References (1)

[Various Sources] http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf

Scores

EPSS 0.0016

EPSS Percentile 36.5%

Details

CWE

CWE-79

Status published

Products (4)

vanderbilt/redcap < 4.14.2

vanderbilt/redcap

n/a/n/a

Published Jun 17, 2013

Tracked Since Feb 18, 2026