Browse all 19 CVE security advisories affecting pkp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PKP is an open-source software suite for scholarly publishing, primarily used by academic institutions to manage journals, conferences, and submission processes. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access controls. Notable security characteristics include its widespread adoption in critical research infrastructure, making it a target for exploitation. While no major public incidents have been widely documented, the 19 CVEs on record highlight ongoing security challenges, particularly in areas like file handling and authentication. The software's complex architecture and extensive plugin ecosystem contribute to potential attack surfaces, requiring diligent maintenance and prompt patching by users.
Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with pkp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.