GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
683 advisories
PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages
Moderate
CVE-2026-28338
was published
for
net.sourceforge.pmd:pmd-core
(Maven)
Feb 28, 2026
XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages
Moderate
CVE-2026-24128
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Jan 23, 2026
XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication
Moderate
CVE-2025-66472
was published
for
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
(Maven)
Dec 10, 2025
GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
Moderate
CVE-2025-21621
was published
for
org.geoserver.web:gs-web-app
(Maven)
Nov 25, 2025
Opencast's Paella Player 7 is vulnerable to Cross-Site Scripting
Moderate
CVE-2025-61788
was published
for
org.opencastproject:opencast-common
(Maven)
Oct 8, 2025
ProTip!
Advisories are also available from the
GraphQL API