CVE-2021-42136

EPSS 1.76% · P83 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-42136

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote attackers to execute JavaScript code in the client's browser by storing said code as a Missing Data Code value. This can then be leveraged to execute a Cross-Site Request Forgery attack to escalate privileges to administrator.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

REDCap 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

REDCap是一款数据收集和管理Web应用程序。 REDCap 11.2.5 存在安全漏洞，该漏洞允许远程攻击者通过将所述代码存储为缺失数据代码值来在客户端浏览器中执行 JavaScript 代码。然后可以利用它来执行跨站点请求伪造攻击，以将权限提升给管理员。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-42136

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-42136

请登录查看更多情报信息。

https://www.project-redcap.org/x_refsource_MISC
https://redcap.med.usc.edu/_shib/assets/ChangeLog_Standard.pdfx_refsource_MISC
http://packetstormsecurity.com/files/166723/REDCap-Cross-Site-Scripting.htmlx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-42136

Same Patch Batch · n/a · 2022-04-13 · 26 CVEs total

CVE-2022-26643		Johnson Controls EasyIO CPT Graphics 安全漏洞
CVE-2021-43154		CMS Made Simple 跨站脚本漏洞
CVE-2022-27524		Autodesk AutoCAD 缓冲区错误漏洞
CVE-2022-27523		Autodesk AutoCAD 缓冲区错误漏洞
CVE-2022-22958		多款 VMware 产品代码问题漏洞
CVE-2022-22955		多款 VMware 产品授权问题漏洞
CVE-2022-22961		多款 VMware 产品信息泄露漏洞
CVE-2022-22959		多款 VMware 产品跨站请求伪造漏洞
CVE-2022-1280		Linux kernel 资源管理错误漏洞
CVE-2021-46167		WIZPLAT PD065 安全漏洞
CVE-2022-28052		Roothub 路径遍历漏洞
CVE-2022-26144		MantisBT 跨站脚本漏洞
CVE-2022-27256		Hubzilla 输入验证错误漏洞
CVE-2015-20107		Python 命令注入漏洞
CVE-2021-43741		CMSimple 路径遍历漏洞
CVE-2021-43742		CMSimple 跨站脚本漏洞
CVE-2022-24308		Automox Alive Automox Agent 安全漏洞
CVE-2020-29653		Froxlor 跨站脚本漏洞
CVE-2022-27475		Hotel-Mgmt-System 跨站脚本漏洞
CVE-2022-29156		Linux kernel 资源管理错误漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-42136

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-42136

I. Basic Information for CVE-2021-42136

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-42136

III. Intelligence Information for CVE-2021-42136

Same Patch Batch · n/a · 2022-04-13 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-42136

Leave a comment