CVEs affecting projects tracked on Release Alert, from NVD & OSV.
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.