diff --git a/smarty/smarty/CVE-2023-28447.yaml b/smarty/smarty/CVE-2023-28447.yaml
new file mode 100644
index 000000000..30fe3ca84
--- /dev/null
+++ b/smarty/smarty/CVE-2023-28447.yaml
@@ -0,0 +1,11 @@
+title: Cross site scripting vulnerability in Javascript escaping
+link: https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
+cve: CVE-2023-28447
+branches:
+    '3.1':
+        time: 2023-03-28 19:41:00
+        versions: [ '<3.1.48' ]
+    master:
+        time: 2023-03-28 19:46:00
+        versions: [ '>=4.0.0', '<4.1.1' ]
+reference: composer://smarty/smarty