CVE-2023-5900

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-5900

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5900.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-5900

Published

2023-11-01T00:00:42.738Z

Modified

2025-11-30T10:37:59.867424Z

Severity

3.5 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

Cross-Site Request Forgery in pkp/pkp-lib

Details

Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

Database specific

{
    "cwe_ids": [
        "CWE-352"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/5xxx/CVE-2023-5900.json",
    "cna_assigner": "@huntrdev"
}

References

Affected packages

Git / github.com/pkp/pkp-lib

Affected ranges

Type: GIT
Repo: https://github.com/pkp/pkp-lib
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

07254d23dd48f2399972328bd149c8ebf578c47d

Affected versions

Other

3_2_0-0

3_2_0-1

3_2_1rc1

3_3_0-0

3_3_0-1

3_3_0-10

3_3_0-11

3_3_0-12

3_3_0-13

3_3_0-14

3_3_0-15

3_3_0-2

3_3_0-3

3_3_0-4

3_3_0-5

3_3_0-6

3_3_0-7

3_3_0-8

3_3_0-9

harvester-2_3_0-0

harvester-2_3_0b1

ocs-2_3_1-0

ohs-2_3_1-0

ojs-2_3_0-0rc1

ojs-2_3_3-0

ojs-2_3_3-1

ojs-2_4_0-0

ojs-3_0_1-0

ojs-3_0_2-0

ojs-3_0a1

ojs-3_0b1

ojs-3_1_1-0

omp-0_9_9-0

omp-1_2_0-0

omp-3_1_0-0

omp-3_1_1-0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5900.json"