GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
87 advisories
Winter CMS Stored XSS through Backend ColorPicker FormWidget
Low
CVE-2023-52084
was published
for
winter/wn-backend-module
(Composer)
Dec 28, 2023
Winter CMS Stored XSS through privileged upload of Media Manager file followed by renaming
Low
CVE-2023-52083
was published
for
winter/wn-system-module
(Composer)
Dec 28, 2023
Withdrawn Advisory: Stored Cross-site scripting affecting automad/automad
Low
CVE-2023-7035
was published
for
automad/automad
(Composer)
Dec 21, 2023
•
withdrawn
Winter CMS stored XSS through privileged upload of SVG file
Low
CVE-2023-37269
was published
for
wintercms/winter
(Composer)
Jul 7, 2023
CraftCMS stored XSS in Quick Post widget error message
Low
CVE-2023-33194
was published
for
craftcms/cms
(Composer)
May 26, 2023
Concrete CMS (previously concrete5) is vulnerable to stored XSS in uploaded file and folder names
Low
CVE-2023-28819
was published
for
concrete5/concrete5
(Composer)
Apr 28, 2023
ProTip!
Advisories are also available from the
GraphQL API