CVE-2024-50965
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Nov 22, 2024
CWE ID 79
Summary
CVE-2024-50965 is a Cross-Site Scripting (XSS) vulnerability affecting the Public Knowledge Project (PKP) Platform, specifically versions of OJS, OMP, and OPS prior to 3.3.0.16. An attacker can exploit this flaw by injecting a malicious script into a vulnerable page, allowing them to execute arbitrary code and potentially escalate privileges. This vulnerability poses a serious risk and requires immediate attention and patching from affected organizations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share