CVE-2017-10961

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:06

Type Values Removed Values Added
References () https://community.projectredcap.org/articles/13/changelog-standard-release.html - Permissions Required () https://community.projectredcap.org/articles/13/changelog-standard-release.html - Permissions Required
References () https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae - Third Party Advisory () https://gist.github.com/jordanpotti/fef4f1ada404d5ba7f88ab42e93cdaae - Third Party Advisory

01 Jul 2021, 16:58

Type Values Removed Values Added
CPE cpe:2.3:a:project-redcap:redcap:*:*:*:*:*:*:*:* cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*

Information

Published : 2017-07-18 14:29

Updated : 2024-11-21 03:06


NVD link : CVE-2017-10961

Mitre link : CVE-2017-10961

CVE.ORG link : CVE-2017-10961


JSON object : View

Products Affected

vanderbilt

  • redcap
CWE
CWE-352

Cross-Site Request Forgery (CSRF)