How severe is CVE-2024-56314?

CVE-2024-56314 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2024-56314

Name: redcap
Author: vanderbilt

5.4MEDIUM

A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clic

Published: 12/22/2024Updated: 4/22/2025

Description

A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts.

AI AnalysisPowered by AI

Affected Products

vanderbiltredcap

References

https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap
ExploitThird Party Advisory
https://www.evms.edu/research/resources_services/redcap/redcap_change_log/
Product