3 matches found
CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...
CVE-2023-5899
PKP PKP-lib, prior to 3.3.0-16, is affected by CSRF due to a missing CSRF check in the Review Details workflow. Exploitation could allow an attacker to perform actions on behalf of an authenticated user. Remediation: upgrade to version 3.3.0-16 or later (or apply the provided patches) per multipl...