GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
931 advisories
OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization
High
CVE-2025-66021
was published
for
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer
(Maven)
Nov 25, 2025
GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
Moderate
CVE-2025-21621
was published
for
org.geoserver.web:gs-web-app
(Maven)
Nov 25, 2025
Opencast's Paella Player 7 is vulnerable to Cross-Site Scripting
Moderate
CVE-2025-61788
was published
for
org.opencastproject:opencast-common
(Maven)
Oct 8, 2025
ProTip!
Advisories are also available from the
GraphQL API