CVE-2019-17121

REDCap before 9.3.4 has XSS on the Customize & Manage Locking/E-signatures page via Lock Record Custom Text values.
Source: NIST
CVE-2019-17121