Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24637 vulnerabilities in 62 categories.

Critical: 1632 High: 13196 Medium: 8851 Low: 887 Information: 71
Vulnerability Name
CVE
CWE
Severity
Jenkins URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-53436)
CVE-2026-53436
CWE-601
Medium
Jenkins URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-53437)
CVE-2026-53437
CWE-601
Medium
Jenkins URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-53440)
CVE-2026-53440
CWE-601
Medium
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)
CVE-2020-2099
CWE-330
High
Jenkins user enumeration
-
CWE-200
Low
Jenkins weak password
-
CWE-200
High
JetBrains .idea project directory
-
CWE-538
Medium
JetLeak vulnerability
CVE-2015-2080
CWE-200
High
Jetpack 2.9.3: Critical Security Update
CVE-2014-0173
CWE-287
High
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-26048)
CVE-2023-26048
CWE-770
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-22201)
CVE-2024-22201
CWE-770
High
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-6762)
CVE-2024-6762
CWE-770
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-8184)
CVE-2024-8184
CWE-770
Medium
Jetty ConcatServlet Information Disclosure (CVE-2021-28169)
CVE-2021-28169
CWE-200
Medium
Jetty CVE-2017-7656 Vulnerability (CVE-2017-7656)
CVE-2017-7656
-
High
Jetty CVE-2018-12536 Vulnerability (CVE-2018-12536)
CVE-2018-12536
-
Medium
Jetty CVE-2020-27218 Vulnerability (CVE-2020-27218)
CVE-2020-27218
-
Medium
Jetty CVE-2023-26049 Vulnerability (CVE-2023-26049)
CVE-2023-26049
-
Medium
Jetty CVE-2023-40167 Vulnerability (CVE-2023-40167)
CVE-2023-40167
-
Medium
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-5045)
CVE-2009-5045
CWE-200
High
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)
CVE-2015-2080
CWE-200
High
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-28169)
CVE-2021-28169
CWE-200
Medium
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-34429)
CVE-2021-34429
CWE-200
Medium
Jetty Improper Access Control Vulnerability (CVE-2016-4800)
CVE-2016-4800
CWE-284
Critical
Jetty Improper Input Validation Vulnerability (CVE-2022-2047)
CVE-2022-2047
CWE-20
Low
Jetty Improper Input Validation Vulnerability (CVE-2025-11143)
CVE-2025-11143
CWE-20
Medium
Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)
CVE-2021-28163
CWE-59
Low
Jetty Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-5046)
CVE-2009-5046
CWE-707
Medium
Jetty Improper Neutralization of Quoting Syntax Vulnerability (CVE-2023-36479)
CVE-2023-36479
CWE-149
Medium
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)
CVE-2022-2191
CWE-404
High
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2024-13009)
CVE-2024-13009
CWE-404
High
Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-5047)
CVE-2009-5047
CWE-119
Critical
Jetty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7658)
CVE-2017-7658
CWE-444
Critical
Jetty Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2026-2332)
CVE-2026-2332
-
Critical
Jetty Information Disclosure (CVE-2021-34429)
CVE-2021-28164
CWE-200
Medium
Jetty Insufficient Session Expiration Vulnerability (CVE-2021-34428)
CVE-2021-34428
CWE-613
Low
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2017-7657)
CVE-2017-7657
CWE-190
Critical
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
CVE-2023-36478
CWE-190
High
Jetty Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2026-1605)
CVE-2026-1605
CWE-401
High
Jetty Observable Discrepancy Vulnerability (CVE-2017-9735)
CVE-2017-9735
CWE-203
High
Jetty Other Vulnerability (CVE-2020-27216)
CVE-2020-27216
-
High
Jetty Other Vulnerability (CVE-2024-6763)
CVE-2024-6763
-
Medium
Jetty Sensitive Information in Resource Not Removed Before Reuse Vulnerability (CVE-2026-5795)
CVE-2026-5795
CWE-226
High
Jetty Session Fixation Vulnerability (CVE-2018-12538)
CVE-2018-12538
CWE-384
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2020-27223)
CVE-2020-27223
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
CVE-2021-28165
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
CVE-2022-2048
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
CVE-2023-44487
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2024-9823)
CVE-2024-9823
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2025-1948)
CVE-2025-1948
CWE-400
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2025-5115)
CVE-2025-5115
CWE-400
High
Jetty Weak Authentication Vulnerability (CVE-2023-41900)
CVE-2023-41900
-
Medium
Jira Projects accessible anonymously
-
CWE-200
Low
Jira QueryComponent Information Disclosure (CVE-2020-14179)
CVE-2020-14179
CWE-288
Medium
JIRA Security Advisory 2012-08-28
-
CWE-79
High
JIRA Security Advisory 2013-02-21
-
CWE-22
High
JIRA Security Advisory 2014-02-26
-
CWE-22
High
Jira Seraph Authentication Bypass (CVE-2022-0540)
CVE-2022-0540
CWE-288
Critical
Jira SSTI CVE-2019-11581
CVE-2019-11581
CWE-22
High
Jira Unauthorized SSRF via REST API
CVE-2019-8451
CWE-918
High
Jira Unauthorized User Enumeration (CVE-2020-14181)
CVE-2020-14181
CWE-200
Medium
Jira Unauthorized User Enumeration via UserPickerBrowser
-
CWE-200
Low
Joe Editor DEADJOE file
-
CWE-538
Low
Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0168)
CVE-2014-0168
CWE-352
Medium
Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10899)
CVE-2018-10899
CWE-352
High
Jolokia Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000129)
CVE-2018-1000129
CWE-707
Medium
Jolokia XML External Entity (XXE) vulnerability
-
CWE-611
High
Joomla 1.5 end of life
-
CWE-1104
High
Joomla Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-4650)
CVE-2005-4650
CWE-770
Medium
Joomla Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-11324)
CVE-2018-11324
CWE-362
Medium
Joomla Configuration Vulnerability (CVE-2008-3228)
CVE-2008-3228
-
High
Joomla Credentials Management Errors Vulnerability (CVE-2016-9081)
CVE-2016-9081
-
Critical
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
CVE-2021-26033
CWE-352
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-1280)
CVE-2009-1280
CWE-352
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5397)
CVE-2015-5397
CWE-352
Medium