Security: monkeytypegame/monkeytype
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Stored XSS in approve quotes pageGHSA-mfjh-9552-8g27 published
Dec 4, 2025 by MiodecHigh -
Stored XSS on loading saved custom textGHSA-j4xx-fww5-774w published
Sep 25, 2025 by MiodecLow -
Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its `ci-failure-comment.yml` GitHub Workflow, enabling attackers to gain `pull-requests` write access.GHSA-wcjf-5464-4wq9 published
Aug 2, 2024 by MiodecCritical