Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Medium Severity Vulnerabilities
Found
8230 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43677)
CVE-2021-43677
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687)
CVE-2021-43687
CWE-707
Medium
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)
CVE-2021-43767
CWE-295
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)
CVE-2021-43813
CWE-22
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43815)
CVE-2021-43815
CWE-22
Medium
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-43859)
CVE-2021-43859
CWE-400
Medium
SharePoint CVE-2021-43876 Vulnerability (CVE-2021-43876)
CVE-2021-43876
-
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43941)
CVE-2021-43941
CWE-352
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43945)
CVE-2021-43945
CWE-707
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43946)
CVE-2021-43946
CWE-287
Medium
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2021-43948)
CVE-2021-43948
CWE-863
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43950)
CVE-2021-43950
CWE-287
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43952)
CVE-2021-43952
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953)
CVE-2021-43953
CWE-352
Medium
Nexus Repository Manager Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-43961)
CVE-2021-43961
CWE-138
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44025)
CVE-2021-44025
CWE-707
Medium
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44076)
CVE-2021-44076
CWE-707
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
CVE-2021-44528
CWE-601
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2021-44832)
CVE-2021-44832
CWE-20
Medium
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-44854)
CVE-2021-44854
CWE-668
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44855)
CVE-2021-44855
CWE-707
Medium
MediaWiki Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-44856)
CVE-2021-44856
CWE-754
Medium
MediaWiki Improper Privilege Management Vulnerability (CVE-2021-44857)
CVE-2021-44857
CWE-269
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-45038)
CVE-2021-45038
CWE-200
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
CVE-2021-45074
CWE-863
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2021-45105)
CVE-2021-45105
CWE-20
Medium
Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)
CVE-2021-45346
CWE-401
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45357)
CVE-2021-45357
CWE-707
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-45452)
CVE-2021-45452
CWE-22
Medium
MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)
CVE-2021-45471
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45472)
CVE-2021-45472
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45473)
CVE-2021-45473
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45474)
CVE-2021-45474
CWE-707
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-45811)
CVE-2021-45811
CWE-138
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46144)
CVE-2021-46144
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46146)
CVE-2021-46146
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)
CVE-2021-46148
CWE-200
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46150)
CVE-2021-46150
CWE-707
Medium
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)
CVE-2021-46784
CWE-400
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072)
CVE-2021-4072
CWE-707
Medium
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092)
CVE-2021-4092
CWE-352
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107)
CVE-2021-4107
CWE-707
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)
CVE-2021-4111
CWE-20
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116)
CVE-2021-4116
CWE-707
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117)
CVE-2021-4117
CWE-20
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121)
CVE-2021-4121
CWE-707
Medium
OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)
CVE-2021-4160
-
Medium
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-4183)
CVE-2021-4183
CWE-125
Medium
Python Unchecked Return Value Vulnerability (CVE-2021-4189)
CVE-2021-4189
CWE-252
Medium
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231)
CVE-2021-4231
CWE-707
Medium
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)
CVE-2022-0174
CWE-20
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-0334)
CVE-2022-0334
CWE-668
Medium
Dolibarr Other Vulnerability (CVE-2022-0414)
CVE-2022-0414
-
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
CVE-2022-0731
CWE-863
Medium
Dolibarr Other Vulnerability (CVE-2022-0746)
CVE-2022-0746
-
Medium
reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-0776)
CVE-2022-0776
CWE-707
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)
CVE-2022-0866
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2022-0984)
CVE-2022-0984
CWE-863
Medium
Moodle Improper Authentication Vulnerability (CVE-2022-0985)
CVE-2022-0985
CWE-287
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1208)
CVE-2022-1208
CWE-707
Medium
WordPress Ultimate Member Plugin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-1209)
CVE-2022-1209
CWE-601
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340)
CVE-2022-1340
CWE-707
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2022-1343)
CVE-2022-1343
CWE-295
Medium
YetiForce CRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-1411)
CVE-2022-1411
CWE-434
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-1434)
CVE-2022-1434
CWE-327
Medium
Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726)
CVE-2022-1726
CWE-707
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-20612)
CVE-2022-20612
CWE-352
Medium
MySQL CVE-2022-21245 Vulnerability (CVE-2022-21245)
CVE-2022-21245
-
Medium
Oracle JRE CVE-2022-21248 Vulnerability (CVE-2022-21248)
CVE-2022-21248
-
Medium
WebLogic CVE-2022-21252 Vulnerability (CVE-2022-21252)
CVE-2022-21252
-
Medium
MySQL CVE-2022-21253 Vulnerability (CVE-2022-21253)
CVE-2022-21253
-
Medium
MySQL CVE-2022-21254 Vulnerability (CVE-2022-21254)
CVE-2022-21254
-
Medium
« Previous
1
...
88
89
90
91
92
93
94
95
...
110
Next »
