Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Low Severity Vulnerabilities

Found 866 vulnerabilities at Low severity.

Reference
Title
Technology
CVE-2012-6074
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Jenkins
CVE-2025-67639
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Jenkins
CVE-2022-36062
Grafana Improper Preservation of Permissions Vulnerability
Grafana
CVE-2022-39324
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Grafana
CVE-2024-10452
Grafana Authorization Bypass Through User-Controlled Key Vulnerability
Grafana
CVE-2026-21725
Grafana Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability
Grafana
CVE-2026-21727
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability
Grafana
CVE-2021-28163
Jetty Improper Link Resolution Before File Access (Link Following) Vulnerability
Jetty
CVE-2021-34428
Jetty Insufficient Session Expiration Vulnerability
Jetty
CVE-2022-2047
Jetty Improper Input Validation Vulnerability
Jetty
CVE-2023-23934
Werkzeug WSGI Vulnerability
Werkzeug WSGI
CVE-2013-0345
Varnish Cache Permissions Privileges and Access Controls Vulnerability
Varnish Cache
CVE-2007-0282
Oracle HTTP Server Other Vulnerability
Oracle HTTP Server
CVE-2004-1877
Oracle HTTP Server Other Vulnerability
Oracle HTTP Server
CVE-2016-3482
Oracle HTTP Server Vulnerability
Oracle HTTP Server
CVE-2016-0671
Oracle HTTP Server Vulnerability
Oracle HTTP Server
CVE-2014-1832
Phusion Passenger Other Vulnerability
Phusion Passenger
CVE-2014-1831
Phusion Passenger Other Vulnerability
Phusion Passenger
CVE-2020-11767
Envoy Proxy Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Envoy Proxy
CVE-2025-32421
Next.js Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
Next.js
CVE-2025-49005
Next.js Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Next.js
CVE-2026-44582
Next.js Use of Weak Hash Vulnerability
Next.js
CVE-2020-28923
Play Framework Data Amplification Vulnerability
Play Framework
CVE-2012-5502
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS
CVE-2013-4199
Plone CMS Improper Input Validation Vulnerability
Plone CMS
CVE-2011-1949
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS
CVE-2006-3458
Zope Web Application Server Other Vulnerability
Zope Web Application Server
CVE-2019-4150
IBM WebSEAL Improper Certificate Validation Vulnerability
IBM WebSEAL
CVE-2018-1804
IBM WebSEAL Session Fixation Vulnerability
IBM WebSEAL
CVE-2016-3045
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
IBM WebSEAL