6574 matches found
Session fixation
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16...
CVE-2023-5904 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib
Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5903
CVE-2023-5903 is a stored XSS vulnerability in the PKP Web Application Library (pkp-lib) affecting versions before 3.3.0-16. The issue exists in pkp/pkp-lib and stems from insecure handling of stored input (XSS). Public sources consistently state the vulnerable version range as prior to 3.3.0-16....
CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib
Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5898 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5896 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4...
CVE-2023-5898
CVE-2023-5898 concerns a Cross-Site Request Forgery (CSRF) in the PKP pkp-lib project, affecting versions prior to 3.3.0-16. The vulnerability stems from a missing CSRF check in the affected code path, enabling unauthorized actions on behalf of authenticated users. Public references consistently ...
CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5895 Cross-site Scripting (XSS) - DOM in pkp/pkp-lib
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5890 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5891 Cross-site Scripting (XSS) - Reflected in pkp/pkp-lib
Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5892 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...