CNNVD-202512-3964 Information

CNNVD ID

CNNVD-202512-3964

Related CVE

CVE-2025-65270

• CNNVD Published: 2025-12-22

Description (Chinese)

ClinCapture EDC是美国ClinCapture公司的一个临床试验数据采集系统。 ClinCapture EDC 3.0版本和2.2.3版本存在安全漏洞，该漏洞源于反射型跨站脚本，可能导致未经验证的远程攻击者在受害者浏览器环境中执行JavaScript代码。

Description (English)

ClinCapture EDC is a clinical trial data collection system for ClinCapture in the United States. There is a security loophole in ClinCapture EDC Versions 3.0 and 2.2.3, which stems from a reflector-type cross-site script and may lead to uncertified remote assailants implementing JavaScript code in the victim browser environment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

ClinCapture

Published

2025-12-22

Last Modified

2026-02-24

References

https://github.com/xh4vm/CVE-2025-65270 https://www.clincapture.com/ https://access.redhat.com/security/cve/cve-2025-65270