Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-43762)
CVE-2025-43762
CWE-770
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2022-42129)
CVE-2022-42129
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43782)
CVE-2025-43782
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43790)
CVE-2025-43790
CWE-639
High
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43803)
CVE-2025-43803
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43810)
CVE-2025-43810
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43827)
CVE-2025-43827
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62241)
CVE-2025-62241
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62242)
CVE-2025-62242
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62244)
CVE-2025-62244
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62252)
CVE-2025-62252
CWE-639
Medium
Liferay DXP Cleartext Storage of Sensitive Information Vulnerability (CVE-2025-62261)
CVE-2025-62261
CWE-312
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
CVE-2024-26273
CWE-352
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8980)
CVE-2024-8980
CWE-352
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-43809)
CVE-2025-43809
CWE-352
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62245)
CVE-2025-62245
CWE-352
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62258)
CVE-2025-62258
CWE-352
Medium
Liferay DXP CVE-2021-29041 Vulnerability (CVE-2021-29041)
CVE-2021-29041
-
Medium
Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)
CVE-2021-38266
-
High
Liferay DXP CVE-2022-42126 Vulnerability (CVE-2022-42126)
CVE-2022-42126
-
Medium
Liferay DXP CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)
CVE-2024-25148
-
High
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
CVE-2020-15842
CWE-502
High
Liferay DXP Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay DXP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-42132)
CVE-2022-42132
CWE-200
Medium
Liferay DXP External Control of System or Configuration Setting Vulnerability (CVE-2025-43792)
CVE-2025-43792
CWE-15
Medium
Liferay DXP Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-43777)
CVE-2025-43777
CWE-209
Medium
Liferay DXP Improper Certificate Validation Vulnerability (CVE-2022-42131)
CVE-2022-42131
CWE-295
Medium
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
CVE-2022-42123
CWE-22
High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-3594)
CVE-2025-3594
CWE-22
Critical
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813)
CVE-2025-43813
CWE-22
High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254)
CVE-2025-62254
CWE-22
High
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29049)
CVE-2021-29049
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38263)
CVE-2021-38263
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38265)
CVE-2021-38265
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38267)
CVE-2021-38267
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)
CVE-2021-38269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28979)
CVE-2022-28979
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28982)
CVE-2022-28982
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)
CVE-2022-38901
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38902)
CVE-2022-38902
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42110)
CVE-2022-42110
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111)
CVE-2022-42111
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112)
CVE-2022-42112
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114)
CVE-2022-42114
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116)
CVE-2022-42116
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117)
CVE-2022-42117
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42118)
CVE-2022-42118
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42119)
CVE-2022-42119
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33937)
CVE-2023-33937
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33938)
CVE-2023-33938
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939)
CVE-2023-33939
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33940)
CVE-2023-33940
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33944)
CVE-2023-33944
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37940)
CVE-2023-37940
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)
CVE-2023-40191
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42496)
CVE-2023-42496
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42497)
CVE-2023-42497
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42498)
CVE-2023-42498
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627)
CVE-2023-42627
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628)
CVE-2023-42628
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)
CVE-2023-42629
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44309)
CVE-2023-44309
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)
CVE-2023-44310
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47795)
CVE-2023-47795
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-11993)
CVE-2024-11993
CWE-707
Medium