Hello OJS team,
We are using ojs-3.1.2-4 and we found this security vulnerability on the web with Smarty template. Should we be taking any action, any advice from PKP is much appreciated.
Thank you for your time.
Dung.
Hello OJS team,
We are using ojs-3.1.2-4 and we found this security vulnerability on the web with Smarty template. Should we be taking any action, any advice from PKP is much appreciated.
Thank you for your time.
Dung.
Hi @dung,
PKP software (OJS/OMP/OPS) does not make use of the Smarty sandboxing feature this vulnerability relies upon; our software shouldn’t be affected.
See https://pkp.sfu.ca/ojs/ojs_download/ for information on known security vulnerabilities in each release.
Regards,
Alec Smecher
Public Knowledge Project Team
Its good news for us, we (UofC library) were concerned. Thank you for your confirmation @asmecher .
Dung.