CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2875 matches found

Cvelist•added 2023/11/01 12:0 a.m.•23 views

CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib

Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS5AI score0.0024EPSS

Exploits1References2

Vulnrichment•added 2023/11/01 12:0 a.m.•6 views

CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib

Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

2.7CVSS5.3AI score0.00449EPSS

Exploits1References2

Cvelist•added 2023/11/01 12:0 a.m.•29 views

CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib

Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

2.7CVSS5.5AI score0.00449EPSS

Exploits1References2

OSV•added 2023/11/01 12:0 a.m.•15 views

CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib

Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS4.8AI score0.0024EPSS

Exploits1References4

Vulnrichment•added 2023/11/01 12:0 a.m.•11 views

CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib

Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS6.9AI score0.0024EPSS

Exploits1References2

CVE•added 2023/11/01 12:0 a.m.•42 views

CVE-2023-5900

CVE-2023-5900 is a Cross-Site Request Forgery vulnerability in the PKP Web Application Library used by PKP projects (OJS/OCS/OMP/OPS/OHS). The flaw affects versions prior to 3.3.0-16 and arises from a lack of CSRF authorization checking in the affected library. Public references describe the issu...

4.3CVSS4.4AI score0.0024EPSS

Exploits1References2Affected Software1

CVE•added 2023/11/01 12:0 a.m.•36 views

CVE-2023-5903

CVE-2023-5903 is a stored XSS vulnerability in the PKP Web Application Library (pkp-lib) affecting versions before 3.3.0-16. The issue exists in pkp/pkp-lib and stems from insecure handling of stored input (XSS). Public sources consistently state the vulnerable version range as prior to 3.3.0-16....

5.4CVSS4.1AI score0.00449EPSS

Exploits1References2Affected Software1

CVE•added 2023/11/01 12:0 a.m.•59 views

CVE-2023-5901

PKP-pkp-lib prior to version 3.3.0-16 is affected by a Cross-site Scripting (XSS) vulnerability. The issue originates from Unrestricted Upload of a file with dangerous type, enabling script execution via uploaded content in the PKP Web Application Library used by PKP projects (OJS/OCS/OMP/OPS/OHS...

4.8CVSS4.5AI score0.0046EPSS

Exploits1References2Affected Software1

OSV•added 2023/11/01 12:0 a.m.•20 views

CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib

Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

2.7CVSS3.9AI score0.00449EPSS

Exploits1References4

OSV•added 2023/11/01 12:0 a.m.•10 views

CVE-2023-5901 Cross-site Scripting in pkp/pkp-lib

Cross-site Scripting in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS5AI score0.0046EPSS

Exploits1References4

Cvelist•added 2023/11/01 12:0 a.m.•15 views

CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

4.3CVSS5AI score0.00255EPSS

Exploits1References2

Cvelist•added 2023/11/01 12:0 a.m.•30 views

CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS9.1AI score0.00264EPSS

Exploits1References2

Vulnrichment•added 2023/11/01 12:0 a.m.•7 views

CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

4.3CVSS4.8AI score0.00255EPSS

Exploits1References2

Vulnrichment•added 2023/11/01 12:0 a.m.•6 views

CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS8.9AI score0.00264EPSS

Exploits1References2

Vulnrichment•added 2023/11/01 12:0 a.m.•5 views

CVE-2023-5898 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS8.9AI score0.00264EPSS

Exploits1References2

Vulnrichment•added 2023/11/01 12:0 a.m.•8 views

CVE-2023-5896 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib

Cross-site Scripting XSS - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4...

2.7CVSS5.3AI score0.00338EPSS

Exploits1References2

Cvelist•added 2023/11/01 12:0 a.m.•18 views

CVE-2023-5898 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

3.5CVSS9.1AI score0.00264EPSS

Exploits1References2

CVE•added 2023/11/01 12:0 a.m.•41 views

CVE-2023-5902

CVE-2023-5902 is a Cross-Site Request Forgery in the PKP Web Application Library (pkp-lib) prior to 3.3.0-16. Affected component: pkp-lib; vulnerable version range:

4.3CVSS4.7AI score0.00255EPSS

Exploits1References2Affected Software1

CVE•added 2023/11/01 12:0 a.m.•70 views

CVE-2023-5899

PKP PKP-lib, prior to 3.3.0-16, is affected by CSRF due to a missing CSRF check in the Review Details workflow. Exploitation could allow an attacker to perform actions on behalf of an authenticated user. Remediation: upgrade to version 3.3.0-16 or later (or apply the provided patches) per multipl...

8.8CVSS5.6AI score0.00264EPSS

Exploits1References2Affected Software1

CVE•added 2023/11/01 12:0 a.m.•89 views

CVE-2023-5896

CVE-2023-5896 is a stored XSS vulnerability in PKP's pkp-lib repository, affecting versions prior to 3.4.0-4. Impact is typical web:XSS with user export workflows (e.g., exporting journal users) as described in sources. Affected component: pkp/pkp-lib; root cause: stored XSS when exporting user d...

5.4CVSS4.1AI score0.00338EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by