GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,425 advisories
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
jQuery
(RubyGems)
Apr 29, 2020
pimcore/customer-management-framework-bundle Cross-site Scripting vulnerability in Segment name
Moderate
CVE-2023-4145
was published
for
pimcore/customer-management-framework-bundle
(Composer)
Aug 3, 2023
@sveltejs/kit vulnerable to XSS on dev mode 404 page
Low
CVE-2024-53261
was published
for
@sveltejs/kit
(npm)
Nov 25, 2024
MLFlow Cross-site Scripting vulnerability leads to client-side Remote Code Execution
Critical
CVE-2024-27133
was published
for
mlflow
(pip)
Feb 24, 2024
XSS/HTML Injection Vulnerability in Umbraco Preview Badge
Moderate
GHSA-69cg-w8vm-h229
was published
for
Umbraco.Cms
(NuGet)
Jan 21, 2025
MathLive's Lack of Escaping of HTML allows for XSS
Moderate
GHSA-qwj6-q94f-8425
was published
for
mathlive
(npm)
Jan 21, 2025
Cross-Site Scripting (XSS) vulnerability in generateNavigation() function in PhpSpreadsheet
Moderate
CVE-2025-22131
was published
for
phpoffice/phpspreadsheet
(Composer)
Jan 21, 2025
Authenticated Stored XSS in YesWiki
High
CVE-2025-24018
was published
for
yeswiki/yeswiki
(Composer)
Jan 21, 2025
Unauthenticated DOM Based XSS in YesWiki
High
CVE-2025-24017
was published
for
yeswiki/yeswiki
(Composer)
Jan 21, 2025
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
Moderate
CVE-2025-24012
was published
for
@umbraco-cms/backoffice
(npm)
Jan 21, 2025
ProTip!
Advisories are also available from the
GraphQL API