2 matches found
CVE-2018-12588
Cross-site scripting XSS vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project PKP Open Monograph Press OMP v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter aka the Searc...
CVE-2018-12588
The CVE concerns a cross-site scripting (XSS) vulnerability in PKP Open Monograph Press (OMP) templates/frontend/pages/searchResults.tpl. Affected versions are PKP OMP 1.2.0 through 3.1.1-2 (before 3.1.1-3). The issue allows remote attackers to inject arbitrary script/HTML via the catalog.noTitle...