CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Public Knowledge Project 1Open Journal Systems Aug 20, 2024 Aug 17, 2024 6.9 MEDIUM· v4 6.1 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .e...Show more |
1Public Knowledge Project 1Open Journal Systems May 15, 2025 Mar 1, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Disc...Show more |
1Public Knowledge Project 1Open Journal Systems Nov 21, 2024 Apr 4, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers. |
1Public Knowledge Project 1Open Journal Systems Nov 21, 2024 Apr 1, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header. |
1Public Knowledge Project 1Open Journal Systems Apr 29, 2026 Sep 23, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and earlier allows remote attackers to hijack the authentication of administrators for re...Show more |