CVE-2024-24512

Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the input subtitle component...

PT-2024-20431 · Public Knowledge · Pkp Ojs

Name of the Vulnerable Software and Affected Versions: Pkp OJS version 3.4 Description: The issue allows an attacker to execute arbitrary code via the input subtitle component. This is a Cross Site Scripting vulnerability. Recommendations: For Pkp OJS version 3.4, consider disabling the input...

PKP OPEN JOURNAL SYSTEMS Cross-Site Scripting Vulnerability

PKP OPEN JOURNAL SYSTEMS PKP OJS is an end-to-end scholarly publishing platform from PKP Inc. A cross-site scripting vulnerability exists in PKP OPEN JOURNAL SYSTEMS v3.4 that originates from allowing an attacker to execute arbitrary code via the input subtitle component...