PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/26xxx/CVE-2022-26616.json",
"cna_assigner": "mitre"
}