Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
MongoDb Improper Input Validation Vulnerability (CVE-2021-20330)
CVE-2021-20330
CWE-20
Medium
MongoDb Improper Encoding or Escaping of Output Vulnerability (CVE-2021-20333)
CVE-2021-20333
CWE-116
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20340)
CVE-2021-20340
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20350)
CVE-2021-20350
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20351)
CVE-2021-20351
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20352)
CVE-2021-20352
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20357)
CVE-2021-20357
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20447)
CVE-2021-20447
CWE-707
Medium
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2021-20496)
CVE-2021-20496
CWE-20
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20503)
CVE-2021-20503
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20504)
CVE-2021-20504
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20506)
CVE-2021-20506
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20507)
CVE-2021-20507
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20518)
CVE-2021-20518
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20519)
CVE-2021-20519
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20520)
CVE-2021-20520
CWE-707
Medium
Magento Improper Access Control Vulnerability (CVE-2021-21020)
CVE-2021-21020
CWE-284
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21022)
CVE-2021-21022
CWE-285
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023)
CVE-2021-21023
CWE-707
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21026)
CVE-2021-21026
CWE-285
Medium
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)
CVE-2021-21027
CWE-352
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029)
CVE-2021-21029
CWE-707
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031)
CVE-2021-21031
CWE-613
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032)
CVE-2021-21032
CWE-613
Medium
CKEditor Uncontrolled Resource Consumption Vulnerability (CVE-2021-21254)
CVE-2021-21254
CWE-400
Medium
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)
CVE-2021-21336
CWE-200
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)
CVE-2021-21338
CWE-601
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340)
CVE-2021-21340
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358)
CVE-2021-21358
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)
CVE-2021-21365
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370)
CVE-2021-21370
CWE-707
Medium
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379)
CVE-2021-21379
CWE-281
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21398)
CVE-2021-21398
CWE-707
Medium
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21602)
CVE-2021-21602
CWE-59
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21603)
CVE-2021-21603
CWE-707
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2021-21606)
CVE-2021-21606
CWE-20
Medium
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-21607)
CVE-2021-21607
CWE-770
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21608)
CVE-2021-21608
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21609)
CVE-2021-21609
CWE-863
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21610)
CVE-2021-21610
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21611)
CVE-2021-21611
CWE-707
Medium
Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2021-21615)
CVE-2021-21615
CWE-367
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2021-21639)
CVE-2021-21639
CWE-20
Medium
Jenkins Improper Handling of Inconsistent Structural Elements Vulnerability (CVE-2021-21640)
CVE-2021-21640
CWE-240
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21670)
CVE-2021-21670
CWE-863
Medium
Jenkins CVE-2021-21682 Vulnerability (CVE-2021-21682)
CVE-2021-21682
-
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21683)
CVE-2021-21683
CWE-22
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2021-21704)
CVE-2021-21704
CWE-787
Medium
PHP Improper Input Validation Vulnerability (CVE-2021-21705)
CVE-2021-21705
CWE-20
Medium
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21706)
CVE-2021-21706
CWE-22
Medium
PHP Other Vulnerability (CVE-2021-21707)
CVE-2021-21707
-
Medium
Spring Cloud Gateway Incorrect Authorization Vulnerability (CVE-2021-22051)
CVE-2021-22051
CWE-863
Medium
MySQL NULL Pointer Dereference Vulnerability (CVE-2021-22570)
CVE-2021-22570
CWE-476
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22871)
CVE-2021-22871
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22872)
CVE-2021-22872
CWE-707
Medium
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22873)
CVE-2021-22873
CWE-601
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22874)
CVE-2021-22874
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22875)
CVE-2021-22875
CWE-707
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
CVE-2021-22881
CWE-601
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22888)
CVE-2021-22888
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22889)
CVE-2021-22889
CWE-707
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)
CVE-2021-22903
CWE-601
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
CVE-2021-22942
CWE-601
Medium
Joomla Missing Authorization Vulnerability (CVE-2021-23123)
CVE-2021-23123
CWE-862
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23124)
CVE-2021-23124
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23125)
CVE-2021-23125
CWE-707
Medium
Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)
CVE-2021-23126
CWE-326
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23129)
CVE-2021-23129
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23130)
CVE-2021-23130
CWE-707
Medium
PostgreSQL Insufficiently Protected Credentials Vulnerability (CVE-2021-23222)
CVE-2021-23222
CWE-522
Medium
Python Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-23336)
CVE-2021-23336
CWE-444
Medium
Django Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-23336)
CVE-2021-23336
CWE-444
Medium
jszip CVE-2021-23413 Vulnerability (CVE-2021-23413)
CVE-2021-23413
-
Medium
VideoJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23414)
CVE-2021-23414
CWE-707
Medium
DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23445)
CVE-2021-23445
CWE-707
Medium