CVEs affecting projects tracked on Release Alert, from NVD & OSV.
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.