GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
84 advisories
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name
High
CVE-2024-47524
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
High
CVE-2024-45592
was published
for
damienharper/auditor-bundle
(Composer)
Sep 10, 2024
Persistent Cross-site Scripting in Ibexa RichText Field Type
High
CVE-2024-43369
was published
for
ibexa/fieldtype-richtext
(Composer)
Aug 14, 2024
Persistent Cross-site Scripting in eZ Platform Rich Text Field Type
High
CVE-2024-43372
was published
for
ezsystems/ezplatform-richtext
(Composer)
Aug 14, 2024
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
High
CVE-2024-32479
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
Dolibarr Application Home Page has HTML injection vulnerability
High
CVE-2024-23817
was published
for
dolibarr/dolibarr
(Composer)
Apr 18, 2024
Statmic CMS vulnerable to account takeover via XSS and password reset link
High
CVE-2024-24570
was published
for
statamic/cms
(Composer)
Feb 1, 2024
Cross-Site Scripting through Fluid view helper arguments
High
CVE-2020-26216
was published
for
typo3fluid/fluid
(Composer)
Nov 18, 2020
Stored XSS vulnerability on Bounce Management Callback
High
CVE-2021-27910
was published
for
mautic/core
(Composer)
Sep 1, 2021
XSS vulnerability on contacts view
High
CVE-2021-27911
was published
for
mautic/core
(Composer)
Sep 1, 2021
XSS vulnerability on asset view
High
CVE-2021-27912
was published
for
mautic/core
(Composer)
Sep 1, 2021
smarty Cross-site Scripting vulnerability in Javascript escaping
High
CVE-2023-28447
was published
for
smarty/smarty
(Composer)
Mar 29, 2023
ProTip!
Advisories are also available from the
GraphQL API