Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
RedCap Release Notes | CVE Reqm
ChangeLog: Standard Release
Version 7.5.1 - (released 7/12/2017)
BUG FIXES & OTHER CHANGES:
Medium security fix: A cross-site scripting vulnerability was found that could be exploited by a malicious user by manipulating the query string of an HTTP request or REDCap link.
Medium security fix: A cross-site scripting vulnerability was found that could be exploited by a malicious user by manipulating text strings input into conversation titles or messages in REDCap Messenger.
Major bug fix: On certain occasions, the cron job that schedules Automated Survey Invitations containing conditional logic using datediff() with "today" as a parameter might mistakenly remove survey invitations that have been scheduled for another project. This would result in random survey participants not receiving their invitations. This issue occurs very seldom.
Minor security fix: A couple functions (e.g., deleting files in the File Repository or on File Upload fields) were mistakenly not being protected from Cross-site Request Forgery (CSRF) attacks by potential malicious users.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.