CVE-2023-5626

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-5626

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5626.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-5626

Published

2023-10-17T23:22:41.615Z

Modified

2025-11-30T10:33:01.923021Z

Severity

3.5 (Low) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

Cross-Site Request Forgery (CSRF) in pkp/ojs

Details

Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16.

Database specific

{
    "cna_assigner": "@huntrdev",
    "cwe_ids": [
        "CWE-352"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/5xxx/CVE-2023-5626.json"
}

References

Affected packages

Git / github.com/pkp/ojs

Affected ranges

Type: GIT
Repo: https://github.com/pkp/ojs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

dd7b65632b7beeb4f076415ea5e9706f588434c3

Affected versions

Other

3_2_0-0

3_3_0-0

3_3_0-1

3_3_0-10

3_3_0-11

3_3_0-12

3_3_0-13

3_3_0-14

3_3_0-15

3_3_0-2

3_3_0-3

3_3_0-4

3_3_0-5

3_3_0-6

3_3_0-7

3_3_0-8

3_3_0-9

ojs-2_0_0-0

ojs-2_0_1-0

ojs-2_0_2-0

ojs-2_0_2-1

ojs-2_1_0-0

ojs-2_1_0-1

ojs-2_1_1-0

ojs-2_1_1rc4

ojs-2_1b

ojs-2_2_0-0

ojs-2_2_0-b1

ojs-2_2_0-b2

ojs-2_2_1-0

ojs-2_2_1-b1

ojs-2_3_0-0

ojs-2_3_0-0rc1

ojs-2_3_1-0

ojs-2_3_1-1

ojs-2_3_1-2

ojs-2_3_3-0

ojs-2_3_3-1

ojs-2_4_0-0

ojs-3_0a1

ojs-3_0b1

ojs2-base-2_2_2