CVE-2024-37396

EPSS 0.48% · P65 Updated Jun 11, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-37396

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Notes' field of a calendar event. This could lead to the execution of malicious scripts when the event is viewed. Updating to version 14.2.1 or later is recommended to remediate this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

REDCap 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

REDCap是REDCap开源的一款数据收集和管理Web应用程序。 REDCap 13.1.9版本存在安全漏洞，该漏洞源于日历功能中的存储型跨站脚本漏洞，可能导致经过身份验证的用户通过注入特制有效载荷执行任意Web脚本或HTML。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2024-37396

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-37396

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-06-10 · 15 CVEs total

CVE-2025-5952	7.3 HIGH	Zend.To NSSDropoff.php exec os command injection
CVE-2025-5935	5.3 MEDIUM	Open5GS AMF/MME emm-sm.c common_register_state denial of service
CVE-2025-46612		Airleader Master和Airleader Easy 安全漏洞
CVE-2025-44044		Keyoti SearchUnit 安全漏洞
CVE-2025-44043		Keyoti SearchUnit 安全漏洞
CVE-2024-57186		erxes 安全漏洞
CVE-2024-57189		erxes 安全漏洞
CVE-2024-57190		erxes 安全漏洞
CVE-2024-37395		REDCap 安全漏洞
CVE-2024-37394		REDCap 安全漏洞
CVE-2024-41502		Jetimob Plataforma Imobiliaria 安全漏洞
CVE-2024-41504		Jetimob Plataforma Imobiliaria 安全漏洞
CVE-2024-41503		Jetimob Plataforma Imobiliaria 安全漏洞
CVE-2024-41505		Jetimob Plataforma Imobiliaria 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2024-37396

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-37396

I. Basic Information for CVE-2024-37396

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-37396

III. Intelligence Information for CVE-2024-37396

Same Patch Batch · n/a · 2025-06-10 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-37396

Leave a comment