GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9 advisories
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Moderate
CVE-2019-11358
was published
for
django
(RubyGems)
Apr 26, 2019
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11022
was published
for
athlon1600/youtube-downloader
(RubyGems)
Apr 29, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
components/jquery
(RubyGems)
Apr 29, 2020
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
Moderate
CVE-2024-24815
was published
for
ckeditor/ckeditor
(Composer)
Feb 7, 2024
Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
Moderate
CVE-2024-43407
was published
for
ckeditor/ckeditor
(Composer)
Aug 21, 2024
tarteaucitron.js allows UI manipulation via unrestricted CSS injection
Moderate
CVE-2025-31138
was published
for
tarteaucitronjs
(npm)
Apr 7, 2025
tarteaucitron.js allows url scheme injection via unfiltered inputs
Moderate
CVE-2025-31476
was published
for
tarteaucitronjs
(npm)
Apr 7, 2025
tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript
Moderate
CVE-2025-48939
was published
for
tarteaucitronjs
(npm)
Jul 3, 2025
ProTip!
Advisories are also available from the
GraphQL API