Unrated severityNVD Advisory· Published Jan 12, 2021· Updated Aug 4, 2024
CVE-2020-26713
CVE-2020-26713
Description
REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function with parameter sort. The information submitted by the user is immediately returned in the response and not escaped leading to the reflected XSS vulnerability. Attackers can exploit vulnerabilities to steal login session information or borrow user rights to perform unauthorized acts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- REDCap/REDCapdescription
- Range: =10.3.4
Patches
Vulnerability mechanics
References
2- www.evms.edu/research/resources_services/redcap/redcap_change_log/mitrex_refsource_MISC
- www.project-redcap.orgmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.