A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github v5.0.11 via the file name parameter.
enhanced-github project enhanced-github 5.0.11