EUVD-2022-29092

Malicious code in bioql PyPI...

CVE-2022-24181

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

PKP Open Journals System Cross-Site Scripting Vulnerability

PKP Open Journals System is a journal system. A cross-site scripting vulnerability exists in PKP Open Journals System prior to version 3.3.0-16, which stems from the fact that certain inputs are not escaped and can be exploited by an attacker to inject malicious script into a web site...

PKP Open Journals System Cross-Site Scripting Vulnerability

PKP Open Journals System is a journal system. A cross-site scripting vulnerability exists in PKP Open Journals System prior to version 3.3.0-16, which stems from the inability to properly escape special characters in a title, and can be exploited by an attacker to inject malicious script into a w...

PKP Open Journals System 3.3 Cross Site Scripting

Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...

PKP Open Journals System 3.3 - Cross-Site Scripting Vulnerability

Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References: https://youtu.be/v8-9evO2oVg XSS via...

CVE-2022-24181

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

CVE-2022-24181

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

CVE-2022-24181

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

Cross site scripting

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

CVE-2022-24181

Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...

CVE-2022-24181

PKP Open Journal Systems 2.4.8–3.3 is affected by a Cross‑Site Scripting (XSS) vulnerability via the X-Forwarded-Host header (Host Header injection). The underlying issue is header-based input that enables arbitrary script injection into rendered pages, potentially leading to data theft or deface...

PKP Open Journals System 跨站脚本漏洞

PKP Open Journals System is a journal system. A security vulnerability exists in PKP Open Journals System versions prior to 3.3 to 2.4.8, which allows an attacker to inject arbitrary code via the X-Forwarded-Host header...