Vulnerabilities in Smarty PHP template engine renders popular CMS platforms

Hello OJS team,

We are using ojs-3.1.2-4 and we found this security vulnerability on the web with Smarty template. Should we be taking any action, any advice from PKP is much appreciated.

Thank you for your time.


1 Like

Hi @dung,

PKP software (OJS/OMP/OPS) does not make use of the Smarty sandboxing feature this vulnerability relies upon; our software shouldn’t be affected.

See for information on known security vulnerabilities in each release.

Alec Smecher
Public Knowledge Project Team

Its good news for us, we (UofC library) were concerned. Thank you for your confirmation @asmecher .

1 Like