CVE-2025-67890 | pkp Open Journal Systems up to 3.3.0-21/3.4.0-9/3.5.0-1 Native XML Plugin NativeXmlIssueGalleyFilter.php writeFile path traversal

A vulnerability, which was classified as critical, was found in pkp Open Journal Systems up to 3.3.0-21/3.4.0-9/3.5.0-1. This vulnerability affects the function writeFile of the file NativeXmlIssueGalleyFilter.php of the component Native XML Plugin. The manipulation results in path traversal.

This vulnerability is known as CVE-2025-67890. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More