CyberSec.Space Logo
Back to CVE Browser

CVE-2013-4611

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0120%
EPSS Percentile38.36th
PublishedJun 17, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants page.

Affected Platforms (CPE)

πŸ“¦
Project Redcap

Redcap

= 4.13.18
πŸ“¦
Project Redcap

Redcap

= 4.14.5
πŸ“¦
Project Redcap

Redcap

= 4.14.6
πŸ“¦
Project Redcap

Redcap

= 4.15.0
πŸ“¦
Project Redcap

Redcap

= 4.15.1
πŸ“¦
Project Redcap

Redcap

= 4.15.2
πŸ“¦
Project Redcap

Redcap

= 4.15.3
πŸ“¦
Project Redcap

Redcap

= 4.15.4
πŸ“¦
Project Redcap

Redcap

= 5.0.0
πŸ“¦
Project Redcap

Redcap

= 5.0.1
πŸ“¦
Project Redcap

Redcap

= 5.0.2
πŸ“¦
Project Redcap

Redcap

= 5.0.3
πŸ“¦
Project Redcap

Redcap

= 5.0.4
πŸ“¦
Project Redcap

Redcap

= 5.0.5
πŸ“¦
Project Redcap

Redcap

= 5.0.6
πŸ“¦
Vanderbilt

Redcap

<= 5.1.0
πŸ“¦
Vanderbilt

Redcap

= 4.14.0
πŸ“¦
Vanderbilt

Redcap

= 4.14.1
πŸ“¦
Vanderbilt

Redcap

= 4.14.2
πŸ“¦
Vanderbilt

Redcap

= 4.14.3
πŸ“¦
Vanderbilt

Redcap

= 4.14.4

References & Advisories

πŸ”— http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf
πŸ”— http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf

Related Vulnerabilities

CVE-2013-461010.0

Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown...

CVE-2020-267129.8

REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList function via sort parameter. The application uses the additio...

CVE-2021-421369.0

A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote at...

CVE-2017-109618.8

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components.