Lucene search
K

12 matches found

OSV
OSV
added 2024/03/01 11:15 p.m.4 views

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1CVSS5.9AI score0.00443EPSS
Exploits1References2
NVD
NVD
added 2024/03/01 11:15 p.m.23 views

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1CVSS5.6AI score0.00443EPSS
Exploits1References2
Prion
Prion
added 2024/03/01 11:15 p.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1AI score0.00443EPSS
Exploits2References2
Prion
Prion
added 2024/03/01 11:15 p.m.13 views

Cross site scripting

A cross-site scripting XSS vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1AI score0.00443EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/01 12:0 a.m.18 views

CVE-2024-25438

A cross-site scripting XSS vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

5.7AI score0.00443EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/01 12:0 a.m.15 views

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

5.8AI score0.00443EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.5 views

PT-2024-20942 · Public Knowledge · Pkp Ojs

Name of the Vulnerable Software and Affected Versions: Pkp Ojs version 3.3 Description: A cross-site scripting XSS issue in the Production module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1CVSS5.5AI score0.00443EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.4 views

PT-2024-20943 · Public Knowledge · Pkp Ojs

Name of the Vulnerable Software and Affected Versions: Pkp Ojs version 3.3 Description: A cross-site scripting XSS issue in the Submission module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

6.1CVSS5.9AI score0.00443EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.4 views

Pkp Ojs Cross Site Scripting Vulnerability

affinitybridge Pkp Ojs is an open source journal publication management software system from affinitybridge. A cross-site scripting vulnerability exists in Pkp Ojs version v3.3, which originates from a vulnerability that allows an attacker to execute arbitrary web script or HTML via the Input...

6.1CVSS6AI score0.00443EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/03/01 12:0 a.m.33 views

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

5.7AI score0.00443EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.6 views

PKP OPEN JOURNAL SYSTEMS Cross-Site Scripting Vulnerability

PKP OPEN JOURNAL SYSTEMS PKP OJS is an end-to-end scholarly publishing platform from PKP Inc. A cross-site scripting vulnerability exists in PKP OPEN JOURNAL SYSTEMS version v3.3, which originates from a vulnerability that allows attackers to execute arbitrary web script or HTML via the Input...

6.1CVSS6AI score0.00443EPSS
Exploits2References3
Huntr
Huntr
added 2023/10/08 6:37 p.m.18 views

Stored XSS in function Add discussion at the Copyediting section

Description I tested the demo site you provided and I see that there is a stored XSS in function Add discussion Proof of Concept payload: thanh"alert1 Steps 1. Login as any user 2. In the Unassigned section and click view 3. In the Workflow click Copyediting section and Add discussion 4. Insert...

6AI score0.00404EPSS
Exploits1
Rows per page
Query Builder