Pkp Web Application Library Security Vulnerabilities and Issues — Pkp Web Application Library CVE List

Lucene search

SfuPkp Web Application Library

12 matches found

CVE•added 2023/11/01 1:15 a.m.•78 views

CVE-2023-5896

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4.

5.4CVSS4.1AI score0.00065EPSS

CVE•added 2023/11/07 4:24 a.m.•51 views

CVE-2023-5901

Cross-site Scripting in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

4.8CVSS4.5AI score0.00153EPSS

CVE•added 2023/11/01 1:15 a.m.•50 views

CVE-2023-5891

Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS5.3AI score0.00081EPSS

CVE•added 2023/11/01 1:15 a.m.•45 views

CVE-2023-5893

Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

8.8CVSS5.6AI score0.0005EPSS

CVE•added 2023/11/01 1:15 a.m.•45 views

CVE-2023-5895

Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS4.3AI score0.0007EPSS

CVE•added 2023/11/01 1:15 a.m.•42 views

CVE-2023-5890

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS4.8AI score0.00081EPSS

CVE•added 2023/11/06 12:15 a.m.•41 views

CVE-2023-47271

PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document (used for the native import/export plugin) is an image file, before trying to use it for an issue cover image.

5.3CVSS5.2AI score0.00116EPSS

CVE•added 2023/11/01 1:15 a.m.•37 views

CVE-2023-5892

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS5.3AI score0.00081EPSS

CVE•added 2023/11/07 4:24 a.m.•33 views

CVE-2023-5904

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS4.1AI score0.00319EPSS

CVE•added 2023/11/07 4:24 a.m.•31 views

CVE-2023-5902

Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

4.3CVSS4.7AI score0.00152EPSS

CVE•added 2023/11/07 4:24 a.m.•30 views

CVE-2023-5900

Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

4.3CVSS4.4AI score0.00133EPSS

CVE•added 2023/11/07 4:24 a.m.•24 views

CVE-2023-5903

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

5.4CVSS4.1AI score0.00319EPSS