GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,888 advisories
starcitizentools/citizen-skin allows stored XSS in user registration date message
Moderate
CVE-2025-49578
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 13, 2025
starcitizentools/citizen-skin allows stored XSS in menu heading message
Moderate
CVE-2025-49579
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 13, 2025
starcitizentools/citizen-skin allows stored XSS in preference menu heading messages
Moderate
CVE-2025-49577
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 13, 2025
starcitizentools/citizen-skin allows stored XSS in search no result messages
Moderate
CVE-2025-49576
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 13, 2025
Citizen skin vulnerable to stored XSS through multiple system messages
Moderate
CVE-2025-49575
was published
for
starcitizentools/citizen-skin
(Composer)
Jun 11, 2025
HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter
Moderate
CVE-2025-49138
was published
for
elmsln/haxcms
(Composer)
Jun 9, 2025
Yii 2 Redis may expose AUTH parameters in logs in case of connection failure
Moderate
CVE-2025-48493
was published
for
yiisoft/yii2-redis
(Composer)
Jun 5, 2025
Mautic has an Open Redirect vulnerability on user unlock path.
Moderate
CVE-2025-5256
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic segment cloning doesn't have a proper permission check
Moderate
CVE-2024-47055
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic allows user name enumeration due to response time difference on password reset form
Moderate
CVE-2024-47057
was published
for
mautic/core
(Composer)
May 28, 2025
ProTip!
Advisories are also available from the
GraphQL API