2 matches found
CVE-2023-5896 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4...
CVE-2023-5896
CVE-2023-5896 is a stored XSS vulnerability in PKP's pkp-lib repository, affecting versions prior to 3.4.0-4. Impact is typical web:XSS with user export workflows (e.g., exporting journal users) as described in sources. Affected component: pkp/pkp-lib; root cause: stored XSS when exporting user d...