VYPR
Unrated severityNVD Advisory· Published Dec 19, 2019· Updated Aug 5, 2024

CVE-2019-19909

CVE-2019-19909

Description

An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open Journal Systems (OJS) before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Public Knowledge Project/pkp-libdescription
  • Pkp/Pkp Libllm-fuzzy
    Range: < 3.1.2-2
  • Pkp/Ojsllm-fuzzy
    Range: < 3.1.2-2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.