github-readme-stats is an open source project. github-readme-stats suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by WEB applications, which can be exploited by attackers to execute client-side code.