Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Medium Severity Vulnerabilities
Found
8230 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552)
CVE-2022-23552
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)
CVE-2022-23599
CWE-707
Medium
Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606)
CVE-2022-23606
CWE-674
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)
CVE-2022-23615
CWE-863
Medium
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)
CVE-2022-23616
CWE-138
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-23617)
CVE-2022-23617
CWE-862
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)
CVE-2022-23620
CWE-116
Medium
XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621)
CVE-2022-23621
CWE-552
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23622)
CVE-2022-23622
CWE-707
Medium
Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)
CVE-2022-23633
-
Medium
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
CVE-2022-23634
-
Medium
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-23794)
CVE-2022-23794
CWE-209
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)
CVE-2022-23796
CWE-707
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)
CVE-2022-23798
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)
CVE-2022-23800
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)
CVE-2022-23801
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2022-23807)
CVE-2022-23807
CWE-287
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23808)
CVE-2022-23808
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)
CVE-2022-23871
CWE-707
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2022-24272)
CVE-2022-24272
CWE-617
Medium
silverstripeCMS Session Fixation Vulnerability (CVE-2022-24444)
CVE-2022-24444
CWE-384
Medium
SharePoint CVE-2022-24472 Vulnerability (CVE-2022-24472)
CVE-2022-24472
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24620)
CVE-2022-24620
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Medium
Drupal Improper Input Validation Vulnerability (CVE-2022-24775)
CVE-2022-24775
CWE-20
Medium
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-24819)
CVE-2022-24819
CWE-359
Medium
XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820)
CVE-2022-24820
CWE-306
Medium
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839)
CVE-2022-24839
CWE-400
Medium
WebLogic Other Vulnerability (CVE-2022-24891)
CVE-2022-24891
-
Medium
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24897)
CVE-2022-24897
CWE-22
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24899)
CVE-2022-24899
CWE-707
Medium
Liferay Portal Origin Validation Error Vulnerability (CVE-2022-25146)
CVE-2022-25146
CWE-346
Medium
Liferay DXP Origin Validation Error Vulnerability (CVE-2022-25146)
CVE-2022-25146
CWE-346
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
CVE-2022-25270
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
CVE-2022-25274
CWE-863
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25276)
CVE-2022-25276
CWE-707
Medium
Drupal CVE-2022-25278 Vulnerability (CVE-2022-25278)
CVE-2022-25278
-
Medium
Oracle HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2022-25313)
CVE-2022-25313
CWE-400
Medium
ownCloud Other Vulnerability (CVE-2022-25338)
CVE-2022-25338
-
Medium
ownCloud Other Vulnerability (CVE-2022-25339)
CVE-2022-25339
-
Medium
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869)
CVE-2022-25869
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26594)
CVE-2022-26594
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595)
CVE-2022-26595
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)
CVE-2022-27422
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425)
CVE-2022-27425
CWE-707
Medium
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27907)
CVE-2022-27907
CWE-918
Medium
Joomla CVE-2022-27911 Vulnerability (CVE-2022-27911)
CVE-2022-27911
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)
CVE-2022-27912
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)
CVE-2022-27913
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)
CVE-2022-27914
CWE-707
Medium
MediaWiki Uncontrolled Recursion Vulnerability (CVE-2022-28201)
CVE-2022-28201
CWE-674
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28202)
CVE-2022-28202
CWE-707
Medium
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
CVE-2022-28330
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378)
CVE-2022-28378
CWE-707
Medium
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
CVE-2022-28614
-
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28803)
CVE-2022-28803
CWE-707
Medium
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923)
CVE-2022-28923
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28979)
CVE-2022-28979
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28979)
CVE-2022-28979
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28980)
CVE-2022-28980
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28982)
CVE-2022-28982
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28982)
CVE-2022-28982
CWE-707
Medium
SharePoint CVE-2022-29108 Vulnerability (CVE-2022-29108)
CVE-2022-29108
-
Medium
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2022-29224)
CVE-2022-29224
CWE-476
Medium
« Previous
1
...
91
92
93
94
95
96
97
98
...
110
Next »
