3 matches found
CVE-2023-5892
Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5892 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5892
CVE-2023-5892 affects PKP Web Application Library (pkp-lib) prior to 3.3.0-16, where input is stored and not escaped, enabling stored XSS in PKP-based systems (e.g., PKP lib used by OJS/OCS/etc.). Root cause: insufficient escaping of stored user input in relevant components of pkp-lib. Impact: cr...