CVE-2013-4608

Name of the Vulnerable Software and Affected Versions REDCap versions prior to 5.0.6

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page. This could potentially lead to unauthorized actions on the affected system.

Recommendations For versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Graphical Data View & Descriptive Stats page until the update is applied.