Security Advisory

CVE-2022-42715

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-12 00:00:00

Last updated 2025-05-15 17:56:37

Assigner mitre

State PUBLISHED

Description

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution.

← Browse all CVEs View on cve.org ↗