Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
Bootstrap Table Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2021-23472)
CVE-2021-23472
CWE-843
Medium
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2021-23841)
CVE-2021-23841
CWE-476
Medium
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2021-24066)
CVE-2021-24066
CWE-502
Medium
SharePoint CVE-2021-24071 Vulnerability (CVE-2021-24071)
CVE-2021-24071
-
Medium
SharePoint CVE-2021-24072 Vulnerability (CVE-2021-24072)
CVE-2021-24072
-
Medium
SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)
CVE-2021-24104
-
Medium
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
CVE-2021-24122
CWE-706
Medium
WP Plugin Advanced Custom Fields Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24241)
CVE-2021-24241
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24306)
CVE-2021-24306
CWE-707
Medium
Oracle HTTP Server CVE-2021-25219 Vulnerability (CVE-2021-25219)
CVE-2021-25219
-
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)
CVE-2021-26027
CWE-863
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26028)
CVE-2021-26028
CWE-22
Medium
Joomla Improper Input Validation Vulnerability (CVE-2021-26029)
CVE-2021-26029
CWE-20
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)
CVE-2021-26030
CWE-707
Medium
Joomla CVE-2021-26031 Vulnerability (CVE-2021-26031)
CVE-2021-26031
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)
CVE-2021-26032
CWE-707
Medium
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
CVE-2021-26033
CWE-352
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26034)
CVE-2021-26034
CWE-352
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26035)
CVE-2021-26035
CWE-707
Medium
Joomla Insufficient Session Expiration Vulnerability (CVE-2021-26037)
CVE-2021-26037
CWE-613
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26039)
CVE-2021-26039
CWE-707
Medium
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26069)
CVE-2021-26069
CWE-138
Medium
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072)
CVE-2021-26072
CWE-918
Medium
Atlassian Jira CVE-2021-26075 Vulnerability (CVE-2021-26075)
CVE-2021-26075
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26078)
CVE-2021-26078
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26079)
CVE-2021-26079
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26080)
CVE-2021-26080
CWE-707
Medium
Atlassian Jira CVE-2021-26081 Vulnerability (CVE-2021-26081)
CVE-2021-26081
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26082)
CVE-2021-26082
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083)
CVE-2021-26083
CWE-707
Medium
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
CVE-2021-26085
CWE-862
Medium
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26086)
CVE-2021-26086
CWE-22
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)
CVE-2021-26271
CWE-829
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272)
CVE-2021-26272
CWE-829
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26746)
CVE-2021-26746
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799)
CVE-2021-26799
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26925)
CVE-2021-26925
CWE-707
Medium
SharePoint CVE-2021-27052 Vulnerability (CVE-2021-27052)
CVE-2021-27052
-
Medium
SharePoint CVE-2021-27076 Vulnerability (CVE-2021-27076)
CVE-2021-27076
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27131)
CVE-2021-27131
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27279)
CVE-2021-27279
CWE-707
Medium
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-27568)
CVE-2021-27568
CWE-754
Medium
Pega Infinity CVE-2021-27653 Vulnerability (CVE-2021-27653)
CVE-2021-27653
-
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27889)
CVE-2021-27889
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27902)
CVE-2021-27902
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27949)
CVE-2021-27949
CWE-707
Medium
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)
CVE-2021-27969
CWE-707
Medium
Squid Out-of-bounds Read Vulnerability (CVE-2021-28116)
CVE-2021-28116
CWE-125
Medium
Grafana Incorrect Authorization Vulnerability (CVE-2021-28146)
CVE-2021-28146
CWE-863
Medium
Grafana Other Vulnerability (CVE-2021-28147)
CVE-2021-28147
-
Medium
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-28169)
CVE-2021-28169
CWE-200
Medium
WebLogic Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2021-28170)
CVE-2021-28170
CWE-138
Medium
Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28359)
CVE-2021-28359
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28417)
CVE-2021-28417
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28418)
CVE-2021-28418
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28420)
CVE-2021-28420
CWE-707
Medium
SharePoint CVE-2021-28450 Vulnerability (CVE-2021-28450)
CVE-2021-28450
-
Medium
SharePoint CVE-2021-28453 Vulnerability (CVE-2021-28453)
CVE-2021-28453
-
Medium
SharePoint Interpretation Conflict Vulnerability (CVE-2021-28474)
CVE-2021-28474
CWE-436
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28556)
CVE-2021-28556
CWE-707
Medium
Magento Improper Authorization Vulnerability (CVE-2021-28563)
CVE-2021-28563
CWE-285
Medium
Magento Incorrect Authorization Vulnerability (CVE-2021-28567)
CVE-2021-28567
CWE-863
Medium
Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583)
CVE-2021-28583
CWE-657
Medium
Magento Improper Input Validation Vulnerability (CVE-2021-28585)
CVE-2021-28585
CWE-20
Medium
Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)
CVE-2021-28652
CWE-401
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28658)
CVE-2021-28658
CWE-22
Medium
silverstripeCMS Incorrect Authorization Vulnerability (CVE-2021-28661)
CVE-2021-28661
CWE-863
Medium
Squid Improper Encoding or Escaping of Output Vulnerability (CVE-2021-28662)
CVE-2021-28662
CWE-116
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29002)
CVE-2021-29002
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29008)
CVE-2021-29008
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)
CVE-2021-29009
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29010)
CVE-2021-29010
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29039)
CVE-2021-29039
CWE-707
Medium
Liferay Portal Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-29040)
CVE-2021-29040
CWE-209
Medium