Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Medium Severity Vulnerabilities

Found 15385 vulnerabilities at Medium severity.

Reference
Title
Technology
CVE-2026-26309
Envoy Proxy Off-by-one Error Vulnerability
Envoy Proxy
CVE-2019-12387
Twisted Web HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Twisted Web HTTP Server
CVE-2016-1000111
Twisted Web HTTP Server Direct Request (Forced Browsing) Vulnerability
Twisted Web HTTP Server
CVE-2022-39348
Twisted Web HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Twisted Web HTTP Server
CVE-2023-46137
Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Twisted Web HTTP Server
CVE-2020-5284
Next.js Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Next.js
CVE-2018-18282
Next.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Next.js
CVE-2022-36046
Next.js Improper Check for Unusual or Exceptional Conditions Vulnerability
Next.js
CVE-2021-39178
Next.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Next.js
CVE-2021-37699
Next.js URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Next.js
CVE-2020-15242
Next.js URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Next.js
CVE-2025-57752
Next.js Use of Cache Containing Sensitive Information Vulnerability
Next.js
CVE-2025-55173
Next.js Improper Input Validation Vulnerability
Next.js
CVE-2025-48068
Next.js Missing Origin Validation in WebSockets Vulnerability
Next.js
CVE-2025-30218
Next.js Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Next.js
CVE-2024-56332
Next.js Allocation of Resources Without Limits or Throttling Vulnerability
Next.js
CVE-2025-55183
Next.js Vulnerability
Next.js
CVE-2026-29057
Next.js Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Next.js
CVE-2026-27978
Next.js Cross-Site Request Forgery (CSRF) Vulnerability
Next.js
CVE-2026-27977
Next.js Missing Origin Validation in WebSockets Vulnerability
Next.js
CVE-2020-12480
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability
Play Framework
CVE-2020-7937
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS
CVE-2020-7936
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Plone CMS
CVE-2013-7062
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS
CVE-2017-1000484
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Plone CMS
CVE-2017-1000483
Plone CMS Vulnerability
Plone CMS
CVE-2017-1000482
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS
CVE-2017-1000481
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Plone CMS
CVE-2015-7317
Plone CMS Permissions Privileges and Access Controls Vulnerability
Plone CMS
CVE-2015-7316
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Plone CMS