{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-22T11:31:36.484","vulnerabilities":[{"cve":{"id":"CVE-2013-4608","sourceIdentifier":"cve@mitre.org","published":"2013-06-17T11:38:53.433","lastModified":"2026-06-16T23:57:34.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page."},{"lang":"es","value":"Vulnerabilidad Cross-site scripting (XSS) en REDCap anterior a v5.0.6 permite a atacantes remotos inyectar secuencias arbitrarias de comandos web o HTML a través de vectores que involucran a el Graphical Data View y la pagina Descriptive Stats."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.13.18:*:*:*:*:*:*:*","matchCriteriaId":"58C92B2E-A9AF-43B4-B1E4-7A873AF1DEAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.14.5:*:*:*:*:*:*:*","matchCriteriaId":"DA4E7E65-1147-4620-B31F-617D34822E9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.14.6:*:*:*:*:*:*:*","matchCriteriaId":"00CED35E-7640-44D4-B5A4-EED2D0163C79"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.15.0:*:*:*:*:*:*:*","matchCriteriaId":"61C3C73D-1818-4DB7-A806-FC999EADE7E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.15.1:*:*:*:*:*:*:*","matchCriteriaId":"8347F389-9331-4689-B52A-87ABFFF02141"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.15.2:*:*:*:*:*:*:*","matchCriteriaId":"B739D2A5-46DF-4CE8-9BAB-6BB94743D21D"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.15.3:*:*:*:*:*:*:*","matchCriteriaId":"7969B764-47A6-4AC7-B18E-236FF25C6552"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:4.15.4:*:*:*:*:*:*:*","matchCriteriaId":"26E48768-FDF1-4A54-8F0E-EC4732B55D66"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F62B324D-6F70-41B8-B3AC-CDA6D4C3AB25"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:5.0.1:*:*:*:*:*:*:*","matchCriteriaId":"7712A887-BB81-4FAE-9B76-FB9886BE41D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:5.0.2:*:*:*:*:*:*:*","matchCriteriaId":"817D8D01-B8E1-4F86-9ACE-0CAF87DA13A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:5.0.3:*:*:*:*:*:*:*","matchCriteriaId":"5241C18D-9714-4DEA-9552-55DD3FBE4613"},{"vulnerable":true,"criteria":"cpe:2.3:a:project-redcap:redcap:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"220E8227-7D41-48A9-9D61-BEB47EB19FCA"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*","versionEndIncluding":"5.0.5","matchCriteriaId":"930C4C7A-A038-4045-AAA1-67E8B6CE7C12"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:4.14.0:*:*:*:*:*:*:*","matchCriteriaId":"D293B038-228E-42B6-BC99-9BDFCD8D562C"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:4.14.1:*:*:*:*:*:*:*","matchCriteriaId":"789C86D0-A11F-4C40-950A-5A617AD7C23A"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:4.14.2:*:*:*:*:*:*:*","matchCriteriaId":"C366E672-CD77-4932-80D2-09A61B3B1A8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:4.14.3:*:*:*:*:*:*:*","matchCriteriaId":"F7055FD2-C107-4D23-8B8C-28607C0C0ADA"},{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:4.14.4:*:*:*:*:*:*:*","matchCriteriaId":"3242EC5F-0091-4097-9C6E-ADE5100017AF"}]}]}],"references":[{"url":"http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf","source":"cve@mitre.org"},{"url":"http://ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}