← Back

Open Journal Systems

open_journal_systems

Vendor: Sfu • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-25436
1Sfu
1Open Journal Systems
Mar 28, 2025
Mar 1, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A cross-site scripting (XSS) vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Disc...Show more
A cross-site scripting (XSS) vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function.Show less
CVE-2023-5894
1Sfu
1Open Journal Systems
Nov 21, 2024
Nov 1, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16.