🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Medium Severity Vulnerabilities
Found
8734 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11025)
CVE-2020-11025
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11026)
CVE-2020-11026
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11029)
CVE-2020-11029
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11030)
CVE-2020-11030
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11064)
CVE-2020-11064
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11065)
CVE-2020-11065
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11074)
CVE-2020-11074
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110)
CVE-2020-11110
CWE-707
Medium
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415)
CVE-2020-11415
CWE-312
Medium
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11441)
CVE-2020-11441
CWE-138
Medium
LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455)
CVE-2020-11455
CWE-22
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11456)
CVE-2020-11456
CWE-707
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)
CVE-2020-11583
CWE-707
Medium
PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)
CVE-2020-11583
CWE-707
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11584)
CVE-2020-11584
CWE-707
Medium
PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11584)
CVE-2020-11584
CWE-707
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11813)
CVE-2020-11813
CWE-707
Medium
qdPM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11814)
CVE-2020-11814
CWE-138
Medium
Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)
CVE-2020-11821
CWE-312
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11822)
CVE-2020-11822
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11823)
CVE-2020-11823
CWE-707
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11889)
CVE-2020-11889
CWE-863
Medium
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)
CVE-2020-11890
CWE-20
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)
CVE-2020-11891
CWE-863
Medium
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-11985)
CVE-2020-11985
CWE-345
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12052)
CVE-2020-12052
CWE-707
Medium
Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-12108)
CVE-2020-12108
CWE-138
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12137)
CVE-2020-12137
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12245)
CVE-2020-12245
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12438)
CVE-2020-12438
CWE-707
Medium
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458)
CVE-2020-12458
CWE-312
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459)
CVE-2020-12459
CWE-200
Medium
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12480)
CVE-2020-12480
CWE-352
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12625)
CVE-2020-12625
CWE-707
Medium
Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12626)
CVE-2020-12626
CWE-352
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12629)
CVE-2020-12629
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12639)
CVE-2020-12639
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12648)
CVE-2020-12648
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12706)
CVE-2020-12706
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12708)
CVE-2020-12708
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12718)
CVE-2020-12718
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13094)
CVE-2020-13094
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13239)
CVE-2020-13239
CWE-707
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2020-13240)
CVE-2020-13240
CWE-276
Medium
Django Improper Certificate Validation Vulnerability (CVE-2020-13254)
CVE-2020-13254
CWE-295
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430)
CVE-2020-13430
CWE-707
Medium
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2020-13434)
CVE-2020-13434
CWE-190
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13435)
CVE-2020-13435
CWE-476
Medium
Liferay Portal CVE-2020-13444 Vulnerability (CVE-2020-13444)
CVE-2020-13444
-
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13596)
CVE-2020-13596
CWE-707
Medium
Sqlite CVE-2020-13631 Vulnerability (CVE-2020-13631)
CVE-2020-13631
-
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13632)
CVE-2020-13632
CWE-476
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655)
CVE-2020-13655
CWE-707
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
CVE-2020-13662
CWE-601
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13666)
CVE-2020-13666
CWE-707
Medium
Drupal Incorrect Default Permissions Vulnerability (CVE-2020-13667)
CVE-2020-13667
CWE-276
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13668)
CVE-2020-13668
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13669)
CVE-2020-13669
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13672)
CVE-2020-13672
CWE-707
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)
CVE-2020-13674
CWE-352
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)
CVE-2020-13676
CWE-863
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13688)
CVE-2020-13688
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13761)
CVE-2020-13761
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13762)
CVE-2020-13762
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13827)
CVE-2020-13827
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13828)
CVE-2020-13828
CWE-707
Medium
Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13897)
CVE-2020-13897
CWE-707
Medium
Apache HTTP Server Missing Authorization Vulnerability (CVE-2020-13938)
CVE-2020-13938
CWE-862
Medium
Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943)
CVE-2020-13943
-
Medium
WebLogic CVE-2020-13956 Vulnerability (CVE-2020-13956)
CVE-2020-13956
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13964)
CVE-2020-13964
CWE-707
Medium
« Previous
1
...
72
73
74
75
76
77
78
79
...
117
Next »
