Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,689 advisories

Loading
Magento Open Source Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2024-34105 was published for magento/community-edition (Composer) Jun 13, 2024
Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components Moderate
GHSA-hjx6-f647-mvf9 was published for invenio-communities (pip) Jun 12, 2024
WooCommerce has a Cross-Site Scripting (XSS) Vulnerability in checkout & registration forms Moderate
CVE-2024-37297 was published for woocommerce/woocommerce (Composer) Jun 12, 2024
SummerNote Cross Site Scripting Vulnerability Moderate
CVE-2024-37629 was published for summernote (npm) Jun 12, 2024
Zend_Filter_StripTags vulnerable to Cross-site Scripting when comments allowed Moderate
GHSA-4vf6-mq7w-3hp6 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide` Moderate
GHSA-4v57-pwvf-x35j was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zend-Form vulnerable to Cross-site Scripting Moderate
GHSA-gvpp-6jrj-5pqc was published for zendframework/zend-form (Composer) Jun 7, 2024
Zendframework Potential XSS or HTML Injection vector in Zend_Json Moderate
GHSA-vvm3-rv48-j3g5 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags` Moderate
GHSA-gwpm-pm6x-h7rj was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script Moderate
GHSA-g52p-86j5-xr8q was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings Moderate
GHSA-hg35-vqp3-fv39 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor` Moderate
GHSA-j543-vg33-g6vj was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework has potential Cross-site Scripting vector in multiple view helpers Moderate
GHSA-m7hr-j867-3f34 was published for zendframework/zend-view (Composer) Jun 7, 2024
ZendFramework vulnerable to Cross-site Scripting Moderate
GHSA-5gmf-3c43-q73v was published for zendframework/zendframework (Composer) Jun 7, 2024
Zendframework has potential Cross-site Scripting vector in multiple view helpers Moderate
GHSA-8q77-cv62-jj38 was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Frontend User Login Moderate
GHSA-2rcw-9hrm-8q7q was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Backend Modal Component Moderate
GHSA-7q33-hxwj-7p8v was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Online Media Asset Rendering Moderate
GHSA-8m6j-p5jv-v69w was published for typo3/cms (Composer) Jun 7, 2024
Cross-site scripting (XSS) vulnerability in Description metadata Moderate
CVE-2024-37160 was published for getformwork/formwork (Composer) Jun 7, 2024
Kyokito1412
TYPO3 Cross-Site Scripting in Form Framework validation handling Moderate
GHSA-v8m4-3w37-ghxx was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Form Framework Moderate
GHSA-4h5c-5g25-v7fh was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Link Handling Moderate
GHSA-xgmx-j3hv-jh9x was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Filelist Module Moderate
GHSA-g7hw-jh4p-75wr was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Cross-Site Scripting in Fluid ViewHelpers Moderate
GHSA-85ch-44w7-rf32 was published for typo3/cms (Composer) Jun 7, 2024
TokenController formName not sanitized in hidden input Moderate
CVE-2024-37156 was published for sulu/form-bundle (Composer) Jun 6, 2024
picturestone rogamoore
ProTip! Advisories are also available from the GraphQL API