GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
WWBN/AVideo stored XSS vulnerability leads to takeover of any user's account, including admin's account
High
CVE-2023-30860
was published
for
wwbn/avideo
(Composer)
May 1, 2023
Cross site scripting (XSS) in wwbn/avideo
High
GHSA-2fch-hv74-fgw9
was published
for
wwbn/avideo
(Composer)
Apr 26, 2023
Possible XSS injection through Validate::isCleanHTML method
High
CVE-2023-30838
was published
for
prestashop/prestashop
(Composer)
Apr 25, 2023
smarty Cross-site Scripting vulnerability in Javascript escaping
High
CVE-2023-28447
was published
for
smarty/smarty
(Composer)
Mar 29, 2023
TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering
High
CVE-2023-24814
was published
for
typo3/cms
(Composer)
Feb 8, 2023
Possible cross-site scripting attack via unsanitized SVG files in FoF Upload
High
CVE-2022-30999
was published
for
fof/upload
(Composer)
May 25, 2022
ProTip!
Advisories are also available from the
GraphQL API