pkp.sfu CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

pkp.sfu vulnerability overview

Aggregates CVE and security vulnerability intelligence across all pkp.sfu-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface software deployment scenarios.

Vulnerability distribution trend (last 24 months)

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2024-25434	A cross-site scripting (XSS) vulnerability in Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Publicname parameter.	[email protected]	5.4	0.16%	2024-03-01	2025-04-16
CVE-2024-24512	Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the input subtitle component.	[email protected]	6.1	0.30%	2024-03-01	2025-04-18
CVE-2024-24511	Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the Input Title component.	[email protected]	6.1	0.30%	2024-03-01	2025-04-18

cvelogic Threat Intelligence