Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 8230 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539)
CVE-2021-3539
CWE-707
Medium
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)
CVE-2021-3642
-
Medium
PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)
CVE-2021-3677
-
Medium
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3733)
CVE-2021-3733
CWE-400
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783)
CVE-2021-3783
CWE-707
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3785)
CVE-2021-3785
CWE-707
Medium
OpenVPN AS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3824)
CVE-2021-3824
CWE-707
Medium
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
CVE-2021-3964
CWE-639
Medium
Dolibarr Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3991)
CVE-2021-3991
CWE-639
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40214)
CVE-2021-40214
CWE-707
Medium
SharePoint CVE-2021-40486 Vulnerability (CVE-2021-40486)
CVE-2021-40486
-
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40492)
CVE-2021-40492
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40678)
CVE-2021-40678
CWE-707
Medium
Moodle CVE-2021-40691 Vulnerability (CVE-2021-40691)
CVE-2021-40691
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2021-40692)
CVE-2021-40692
CWE-863
Medium
Moodle Improper Authentication Vulnerability (CVE-2021-40693)
CVE-2021-40693
CWE-287
Medium
Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694)
CVE-2021-40694
CWE-116
Medium
Moodle CVE-2021-40695 Vulnerability (CVE-2021-40695)
CVE-2021-40695
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40882)
CVE-2021-40882
CWE-707
Medium
ProjectSend Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-40886)
CVE-2021-40886
CWE-22
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40888)
CVE-2021-40888
CWE-707
Medium
TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114)
CVE-2021-41114
CWE-644
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174)
CVE-2021-41174
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41304)
CVE-2021-41304
CWE-707
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41308)
CVE-2021-41308
CWE-287
Medium
silverstripeCMS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2021-41559)
CVE-2021-41559
CWE-776
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41798)
CVE-2021-41798
CWE-707
Medium
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41800)
CVE-2021-41800
CWE-770
Medium
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
CVE-2021-41834
CWE-732
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41866)
CVE-2021-41866
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42041)
CVE-2021-42041
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42042)
CVE-2021-42042
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42043)
CVE-2021-42043
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42044)
CVE-2021-42044
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42045)
CVE-2021-42045
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42046)
CVE-2021-42046
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42047)
CVE-2021-42047
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42048)
CVE-2021-42048
CWE-707
Medium
MediaWiki CVE-2021-42049 Vulnerability (CVE-2021-42049)
CVE-2021-42049
-
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050)
CVE-2021-42050
CWE-707
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051)
CVE-2021-42051
CWE-707
Medium
Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)
CVE-2021-42096
CWE-307
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42112)
CVE-2021-42112
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42220)
CVE-2021-42220
CWE-707
Medium
SharePoint CVE-2021-42294 Vulnerability (CVE-2021-42294)
CVE-2021-42294
-
Medium
SharePoint Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-42309)
CVE-2021-42309
CWE-732
Medium
SharePoint Authentication Bypass by Spoofing Vulnerability (CVE-2021-42320)
CVE-2021-42320
CWE-290
Medium
Nexus Repository Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-42568)
CVE-2021-42568
CWE-200
Medium
SharePoint CVE-2021-43242 Vulnerability (CVE-2021-43242)
CVE-2021-43242
-
Medium
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293)
CVE-2021-43293
CWE-918
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43331)
CVE-2021-43331
CWE-707
Medium
Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332)
CVE-2021-43332
CWE-522
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43558)
CVE-2021-43558
CWE-707
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-43560)
CVE-2021-43560
CWE-668
Medium