CVE-2025-13469 | Public Knowledge Project omp/ojs 3.3.0/3.4.0/3.5.0 Payment Instructions Setting paymentForm.tpl manualInstructions cross site scripting (Issue 12022)

A vulnerability identified as problematic has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler. The manipulation of the argument manualInstructions leads to cross site scripting.

This vulnerability is documented as CVE-2025-13469. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More