CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-10961

HIGH
8.8
CVSS Severity Score
EPSS Score0.0320%
EPSS Percentile13.49th
Published2017年7月18日
Last Modified2026年5月13日

Vulnerability Description

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components.

Affected Platforms (CPE)

📦
Vanderbilt

Redcap

<= 7.5.0

References & Advisories

🔗 https://community.projectredcap.org/articles/13/changelog-standard-release.html
🔗 https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae
🔗 https://community.projectredcap.org/articles/13/changelog-standard-release.html
🔗 https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae

関連する脆弱性情報

CVE-2013-461110.0

Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving...

CVE-2013-461010.0

Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown...

CVE-2020-267129.8

REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList function via sort parameter. The application uses the additio...

CVE-2021-421369.0

A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote at...