CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24181

Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.044

EPSS Ranking 88.5%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2022-24181

Public Knowledge Project » Open Journal Systems » Version: 2.4.8

cpe:2.3:a:public_knowledge_project:open_journal_systems:2.4.8
Public Knowledge Project » Open Journal Systems » Version: 2.4.8-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:2.4.8-1
Public Knowledge Project » Open Journal Systems » Version: 2.4.8-2

cpe:2.3:a:public_knowledge_project:open_journal_systems:2.4.8-2
Public Knowledge Project » Open Journal Systems » Version: 3.0.0

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.0.0
Public Knowledge Project » Open Journal Systems » Version: 3.0.1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.0.1
Public Knowledge Project » Open Journal Systems » Version: 3.0.2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.0.2
Public Knowledge Project » Open Journal Systems » Version: 3.1.0

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.0
Public Knowledge Project » Open Journal Systems » Version: 3.1.0-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.0-1
Public Knowledge Project » Open Journal Systems » Version: 3.1.1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.1
Public Knowledge Project » Open Journal Systems » Version: 3.1.1-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.1-1
Public Knowledge Project » Open Journal Systems » Version: 3.1.1-2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.1-2
Public Knowledge Project » Open Journal Systems » Version: 3.1.1-4

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.1-4
Public Knowledge Project » Open Journal Systems » Version: 3.1.2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.2
Public Knowledge Project » Open Journal Systems » Version: 3.1.2-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.2-1
Public Knowledge Project » Open Journal Systems » Version: 3.1.2-2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.2-2
Public Knowledge Project » Open Journal Systems » Version: 3.1.2-3

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.2-3
Public Knowledge Project » Open Journal Systems » Version: 3.1.2-4

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.1.2-4
Public Knowledge Project » Open Journal Systems » Version: 3.2.0

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.0
Public Knowledge Project » Open Journal Systems » Version: 3.2.0-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.0-1
Public Knowledge Project » Open Journal Systems » Version: 3.2.0-2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.0-2
Public Knowledge Project » Open Journal Systems » Version: 3.2.0-3

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.0-3
Public Knowledge Project » Open Journal Systems » Version: 3.2.0-4

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.0-4
Public Knowledge Project » Open Journal Systems » Version: 3.2.1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1
Public Knowledge Project » Open Journal Systems » Version: 3.2.1-1

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1-1
Public Knowledge Project » Open Journal Systems » Version: 3.2.1-2

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1-2
Public Knowledge Project » Open Journal Systems » Version: 3.2.1-3

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1-3
Public Knowledge Project » Open Journal Systems » Version: 3.2.1-4

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1-4
Public Knowledge Project » Open Journal Systems » Version: 3.2.1-5

cpe:2.3:a:public_knowledge_project:open_journal_systems:3.2.1-5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24181

Products

Pricing

Contact Us