Snyk Advisor
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Snyk Advisor.
By the Year
In 2026 there have been 0 vulnerabilities in Snyk Advisor. Advisor did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 5.40 |
It may take a day or so for new Advisor vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Snyk Advisor Security Vulnerabilities
Snyk Advisor Stored XSS via UserProvided Readme Markdown
CVE-2023-1767
5.4 - Medium
- April 20, 2023
The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Snyk Advisor or by Snyk? Click the Watch button to subscribe.
