GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
12 advisories
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
Moderate
CVE-2024-24815
was published
for
ckeditor/ckeditor
(Composer)
Feb 7, 2024
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
Moderate
CVE-2023-46734
was published
for
symfony/symfony
(Composer)
Nov 12, 2023
phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting
Moderate
CVE-2023-5917
was published
for
phpbb/phpbb
(Composer)
Nov 2, 2023
Cross site scripting in ameos_tarteaucitron
Moderate
CVE-2022-33155
was published
for
ameos/ameos_tarteaucitron
(Composer)
Jul 13, 2022
phpBB Server-Side Request Forgery Vulnerability
Moderate
CVE-2020-8226
was published
for
phpbb/phpbb
(Composer)
May 24, 2022
img_auth.php may leak private extension images into the public cache
Moderate
CVE-2020-15005
was published
for
mediawiki/core
(Composer)
May 24, 2022
HTML Purifier allows remote attackers to obtain sensitive information
Moderate
CVE-2011-3744
was published
for
ezyang/htmlpurifier
(Composer)
May 17, 2022
Cross-site scripting vulnerability in includes/actions/InfoAction.php
Moderate
CVE-2014-2853
was published
for
mediawiki/core
(Composer)
May 17, 2022
HTML Purifier Cross-site Scripting vulnerability
Moderate
CVE-2007-3498
was published
for
ezyang/htmlpurifier
(Composer)
May 1, 2022
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
components/jquery
(RubyGems)
Apr 29, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11022
was published
for
athlon1600/youtube-downloader
(RubyGems)
Apr 29, 2020
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Moderate
CVE-2019-11358
was published
for
django
(RubyGems)
Apr 26, 2019
ProTip!
Advisories are also available from the
GraphQL API