CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Grav CMS1.7.49.5 is vulnerable to Cross Site Scripting (XSS).