Unrated severityNVD Advisory· Published Sep 2, 2024· Updated Sep 3, 2024
CVE-2024-45527
CVE-2024-45527
Description
REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logout=1, and can also be used to insert a link to an external phishing website.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- REDCap/REDCapdescription
- Range: = 14.7.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.