Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62244)
CVE-2025-62244
CWE-639
Medium
Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-62252)
CVE-2025-62252
CWE-639
Medium
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)
CVE-2021-33323
CWE-312
High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33325)
CVE-2021-33325
CWE-312
Medium
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2025-62261)
CVE-2025-62261
CWE-312
Medium
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)
CVE-2021-33338
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)
CVE-2023-35030
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
CVE-2024-26273
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8980)
CVE-2024-8980
CWE-352
Medium
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-43809)
CVE-2025-43809
CWE-352
Medium
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62245)
CVE-2025-62245
CWE-352
Medium
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62258)
CVE-2025-62258
CWE-352
Medium
Liferay Portal CVE-2011-1571 Vulnerability (CVE-2011-1571)
CVE-2011-1571
-
Medium
Liferay Portal CVE-2020-13444 Vulnerability (CVE-2020-13444)
CVE-2020-13444
-
Medium
Liferay Portal CVE-2020-15840 Vulnerability (CVE-2020-15840)
CVE-2020-15840
-
Medium
Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)
CVE-2020-15841
-
High
Liferay Portal CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)
CVE-2021-38266
-
High
Liferay Portal CVE-2022-42126 Vulnerability (CVE-2022-42126)
CVE-2022-42126
-
Medium
Liferay Portal CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)
CVE-2024-25148
-
High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)
CVE-2019-16891
CWE-502
High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
CVE-2020-15842
CWE-502
High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)
CVE-2020-7961
CWE-502
Critical
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1502)
CVE-2011-1502
CWE-200
Medium
Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1503)
CVE-2011-1503
CWE-200
Low
Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-42132)
CVE-2022-42132
CWE-200
Medium
Liferay Portal External Control of System or Configuration Setting Vulnerability (CVE-2025-43792)
CVE-2025-43792
CWE-15
Medium
Liferay Portal Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-29040)
CVE-2021-29040
CWE-209
Medium
Liferay Portal Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-43777)
CVE-2025-43777
CWE-209
Medium
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
CVE-2021-29047
CWE-287
High
Liferay Portal Improper Certificate Validation Vulnerability (CVE-2022-42131)
CVE-2022-42131
CWE-295
Medium
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)
CVE-2022-28981
CWE-22
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
CVE-2022-42123
CWE-22
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)
CVE-2022-42125
CWE-22
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-3594)
CVE-2025-3594
CWE-22
Critical
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813)
CVE-2025-43813
CWE-22
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254)
CVE-2025-62254
CWE-22
High
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3742)
CVE-2009-3742
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1570)
CVE-2011-1570
CWE-707
Low
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2963)
CVE-2014-2963
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10404)
CVE-2016-10404
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1000425)
CVE-2017-1000425
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12645)
CVE-2017-12645
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12646)
CVE-2017-12646
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12647)
CVE-2017-12647
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12648)
CVE-2017-12648
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12649)
CVE-2017-12649
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17868)
CVE-2017-17868
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16147)
CVE-2019-16147
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6588)
CVE-2019-6588
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25476)
CVE-2020-25476
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7934)
CVE-2020-7934
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29039)
CVE-2021-29039
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29044)
CVE-2021-29044
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29045)
CVE-2021-29045
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29046)
CVE-2021-29046
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29048)
CVE-2021-29048
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29051)
CVE-2021-29051
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33326)
CVE-2021-33326
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33328)
CVE-2021-33328
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33332)
CVE-2021-33332
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33336)
CVE-2021-33336
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33337)
CVE-2021-33337
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33339)
CVE-2021-33339
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35463)
CVE-2021-35463
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38263)
CVE-2021-38263
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38264)
CVE-2021-38264
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38265)
CVE-2021-38265
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38267)
CVE-2021-38267
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)
CVE-2021-38269
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium