Headline
CVE-2023-37798: Vanderbilt University
A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter.
Vanderbilt University is committed to principles of equal opportunity and affirmative action. Vanderbilt University does not discriminate against individuals on the basis of their race, sex, sexual orientation, gender identity, religion, color, national or ethnic origin, age, disability, military service, or genetic information in its administration of educational policies, programs, or activities; admissions policies; scholarship and loan programs; athletic or other University-administered programs; or employment. Accessibility information. Vanderbilt®, Vanderbilt University® and the Vanderbilt logos are trademarks of The Vanderbilt University. Site Development: Digital Strategies (Communications and Marketing.) © 2023