GitHub Security

Security related news and updates for GitHub

Critical XSS Flaw Found in GitHub Enterprise Server: Immediate Update Recommended

Nov 11, 2025

—

by

Elles De Yeager

in Cyber News & Updates

A critical DOM-based Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-11892, has been uncovered in GitHub Enterprise Server, posing a significant risk of privilege escalation and unauthorized workflow triggers. Immediate update to affected systems is highly recommended to mitigate this high-severity flaw.