Unrated severityNVD Advisory· Published Jan 9, 2025· Updated Jan 10, 2025
CVE-2024-56376
CVE-2024-56376
Description
A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the received message, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=14.9.6+ 1 more
- (no CPE)range: <=14.9.6
- (no CPE)range: 14.9.6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.