Vulnerability CVE-2023-5895


Published: 2023-11-01

Description:
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://huntr.com/bounties/2cc80417-32b2-4024-bbcd-d95a039c11ae
https://github.com/pkp/pkp-lib/commit/83fa560d6fb54458b312addd23a91ee6520dbe63

Copyright 2026, cxsecurity.com

 

Back to Top