Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 8102 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43717)
CVE-2023-43717
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43718)
CVE-2023-43718
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719)
CVE-2023-43719
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43720)
CVE-2023-43720
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43721)
CVE-2023-43721
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43722)
CVE-2023-43722
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43723)
CVE-2023-43723
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43724)
CVE-2023-43724
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43725)
CVE-2023-43725
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43726)
CVE-2023-43726
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43727)
CVE-2023-43727
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43728)
CVE-2023-43728
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43729)
CVE-2023-43729
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43730)
CVE-2023-43730
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43731)
CVE-2023-43731
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43732)
CVE-2023-43732
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43733)
CVE-2023-43733
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43734)
CVE-2023-43734
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43735)
CVE-2023-43735
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43770)
CVE-2023-43770
CWE-707
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-44308)
CVE-2023-44308
CWE-601
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44309)
CVE-2023-44309
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44309)
CVE-2023-44309
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)
CVE-2023-44310
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)
CVE-2023-44310
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44311)
CVE-2023-44311
CWE-707
Medium
Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44389)
CVE-2023-44389
CWE-707
Medium
Piwigo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2023-44393)
CVE-2023-44393
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44796)
CVE-2023-44796
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45137)
CVE-2023-45137
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45360)
CVE-2023-45360
CWE-707
Medium
MediaWiki CVE-2023-45362 Vulnerability (CVE-2023-45362)
CVE-2023-45362
-
Medium
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2023-45364)
CVE-2023-45364
CWE-732
Medium
MediaWiki CVE-2023-45367 Vulnerability (CVE-2023-45367)
CVE-2023-45367
-
Medium
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2023-45369)
CVE-2023-45369
CWE-732
Medium
MediaWiki CVE-2023-45370 Vulnerability (CVE-2023-45370)
CVE-2023-45370
-
Medium
MediaWiki CVE-2023-45372 Vulnerability (CVE-2023-45372)
CVE-2023-45372
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45373)
CVE-2023-45373
CWE-707
Medium
MediaWiki CVE-2023-45374 Vulnerability (CVE-2023-45374)
CVE-2023-45374
-
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45556)
CVE-2023-45556
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2023-45648)
CVE-2023-45648
-
Medium
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-45802)
CVE-2023-45802
CWE-400
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45818)
CVE-2023-45818
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45819)
CVE-2023-45819
CWE-707
Medium
axios Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-45857)
CVE-2023-45857
CWE-352
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45879)
CVE-2023-45879
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45881)
CVE-2023-45881
CWE-707
Medium
Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46137)
CVE-2023-46137
-
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46251)
CVE-2023-46251
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46732)
CVE-2023-46732
CWE-707
Medium
EspoCRM Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-46736)
CVE-2023-46736
CWE-918
Medium
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46846)
CVE-2023-46846
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46858)
CVE-2023-46858
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125)
CVE-2023-47125
CWE-707
Medium
TYPO3 CVE-2023-47126 Vulnerability (CVE-2023-47126)
CVE-2023-47126
-
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2023-47127)
CVE-2023-47127
CWE-287
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47272)
CVE-2023-47272
CWE-707
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-47283)
CVE-2023-47283
CWE-22
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47795)
CVE-2023-47795
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47795)
CVE-2023-47795
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47797)
CVE-2023-47797
CWE-707
Medium
Liferay DXP Session Fixation Vulnerability (CVE-2023-47798)
CVE-2023-47798
CWE-384
Medium
Liferay Portal Session Fixation Vulnerability (CVE-2023-47798)
CVE-2023-47798
CWE-384
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-48219)
CVE-2023-48219
CWE-707
Medium
CrushFTP Server Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)
CVE-2023-48795
CWE-354
Medium
Jboss EAP Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)
CVE-2023-48795
CWE-354
Medium
YetiForce CRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-49508)
CVE-2023-49508
CWE-22
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-4007)
CVE-2023-4007
CWE-707
Medium
Jboss EAP CVE-2023-4061 Vulnerability (CVE-2023-4061)
CVE-2023-4061
-
Medium
Dolibarr Missing Authorization Vulnerability (CVE-2023-4198)
CVE-2023-4198
CWE-862
Medium
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4220)
CVE-2023-4220
CWE-434
Medium
Caddy Web Server Authentication Bypass by Spoofing Vulnerability (CVE-2023-50463)
CVE-2023-50463
CWE-290
Medium
XWiki CVE-2023-50720 Vulnerability (CVE-2023-50720)
CVE-2023-50720
-
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2023-50732)
CVE-2023-50732
CWE-863
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-51445)
CVE-2023-51445
CWE-707
Medium