Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.3.2229

Web Application Vulnerabilities

This page lists 24119 vulnerabilities in 70 categories.

Critical: 1560 High: 12984 Medium: 8644 Low: 865 Information: 66
Vulnerability Name
CVE
CWE
Severity
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380)
CVE-2021-21380
CWE-138
High
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379)
CVE-2021-21379
CWE-281
Medium
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
CVE-2023-26475
CWE-269
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465)
CVE-2023-34465
CWE-269
High
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
CVE-2023-26476
CWE-307
High
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480)
CVE-2023-27480
CWE-611
High
XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161)
CVE-2022-29161
CWE-326
Critical
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468)
CVE-2023-36468
CWE-459
High
XWiki Incorrect Authorization Vulnerability (CVE-2021-32620)
CVE-2021-32620
CWE-863
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)
CVE-2022-23615
CWE-863
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2023-26056)
CVE-2023-26056
CWE-863
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)
CVE-2023-32069
CWE-863
High
XWiki Incorrect Authorization Vulnerability (CVE-2023-46244)
CVE-2023-46244
CWE-863
High
XWiki Incorrect Authorization Vulnerability (CVE-2023-50732)
CVE-2023-50732
CWE-863
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2024-38369)
CVE-2024-38369
CWE-863
Medium
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729)
CVE-2021-32729
CWE-732
Medium
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821)
CVE-2022-24821
CWE-648
High
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933)
CVE-2022-41933
CWE-522
Medium
XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820)
CVE-2022-24820
CWE-306
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-23617)
CVE-2022-23617
CWE-862
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-31167)
CVE-2022-31167
CWE-862
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-36091)
CVE-2022-36091
CWE-862
High
XWiki Missing Authorization Vulnerability (CVE-2022-41929)
CVE-2022-41929
CWE-862
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-41930)
CVE-2022-41930
CWE-862
High
XWiki Missing Authorization Vulnerability (CVE-2022-41937)
CVE-2022-41937
CWE-862
High
XWiki Missing Authorization Vulnerability (CVE-2023-37910)
CVE-2023-37910
CWE-862
High
XWiki Missing Authorization Vulnerability (CVE-2023-41046)
CVE-2023-41046
CWE-862
Medium
XWiki Missing Authorization Vulnerability (CVE-2024-43401)
CVE-2024-43401
CWE-862
High
XWiki Other Vulnerability (CVE-2022-36090)
CVE-2022-36090
-
High
XWiki Other Vulnerability (CVE-2022-41935)
CVE-2022-41935
-
Medium
XWiki Other Vulnerability (CVE-2023-26478)
CVE-2023-26478
-
High
XWiki Other Vulnerability (CVE-2023-29507)
CVE-2023-29507
-
High
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
CVE-2023-26470
CWE-787
High
XWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-7223)
CVE-2006-7223
CWE-264
Medium
XWiki Platform RCE (CVE-2023-37462)
CVE-2023-37462
CWE-74
High
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)
CVE-2023-48240
CWE-918
High
XWiki Transmission of Private Resources into a New Sphere ('Resource Leak') Vulnerability (CVE-2023-38509)
CVE-2023-38509
CWE-402
Medium
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651)
CVE-2024-21651
CWE-400
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-29204)
CVE-2023-29204
CWE-601
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068)
CVE-2023-32068
CWE-601
Medium
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)
CVE-2022-23619
CWE-640
High
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-66473)
CVE-2025-66473
CWE-770
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985)
CVE-2024-31985
CWE-352
Medium
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)
CVE-2024-31986
CWE-352
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)
CVE-2024-31988
CWE-352
High
XWikiplatform CVE-2025-32972 Vulnerability (CVE-2025-32972)
CVE-2025-32972
-
Medium
XWikiplatform CVE-2025-48063 Vulnerability (CVE-2025-48063)
CVE-2025-48063
-
High
XWikiplatform CVE-2025-55749 Vulnerability (CVE-2025-55749)
CVE-2025-55749
-
High
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124)
CVE-2025-54124
CWE-359
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125)
CVE-2025-54125
CWE-359
Medium
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465)
CVE-2024-31465
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982)
CVE-2024-31982
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984)
CVE-2024-31984
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31996)
CVE-2024-31996
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
CVE-2024-37899
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900)
CVE-2024-37900
CWE-94
Medium
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
CVE-2024-37901
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877)
CVE-2024-55877
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-24893)
CVE-2025-24893
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581)
CVE-2025-49581
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991)
CVE-2025-51991
CWE-94
High
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663)
CVE-2024-55663
CWE-116
Critical
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2025-32974)
CVE-2025-32974
CWE-116
Critical
XWikiplatform Improper Input Validation Vulnerability (CVE-2025-54385)
CVE-2025-54385
CWE-20
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947)
CVE-2024-41947
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-32430)
CVE-2025-32430
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-46558)
CVE-2025-46558
CWE-707
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-51990)
CVE-2025-51990
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-53835)
CVE-2025-53835
CWE-707
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-66472)
CVE-2025-66472
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-24128)
CVE-2026-24128
CWE-707
Medium
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-56158)
CVE-2024-56158
CWE-138
Critical
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32429)
CVE-2025-32429
CWE-138
Critical
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968)
CVE-2025-32968
CWE-138
High