CVE-2024-50965

Name of the Vulnerable Software and Affected Versions: Public Knowledge Project PKP Platform OJS/OMP/OPS versions prior to 3.3.0.16

Description: The issue allows an attacker to execute arbitrary code and escalate privileges via a crafted script. This is a Cross Site Scripting vulnerability.

Recommendations: For versions prior to 3.3.0.16, update to version 3.3.0.16 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the platform to minimize the risk of exploitation.