Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072)
CVE-2021-26072
CWE-918
Medium
Joomla Other Vulnerability (CVE-2023-23752)
CVE-2023-23752
-
Medium
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26069)
CVE-2021-26069
CWE-138
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26039)
CVE-2021-26039
CWE-707
Medium
Joomla Insufficient Session Expiration Vulnerability (CVE-2021-26037)
CVE-2021-26037
CWE-613
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-23754)
CVE-2023-23754
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26035)
CVE-2021-26035
CWE-707
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26034)
CVE-2021-26034
CWE-352
Medium
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
CVE-2021-26033
CWE-352
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)
CVE-2021-26032
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)
CVE-2021-26030
CWE-707
Medium
SharePoint CVE-2021-24071 Vulnerability (CVE-2021-24071)
CVE-2021-24071
-
Medium
Joomla Improper Input Validation Vulnerability (CVE-2021-26029)
CVE-2021-26029
CWE-20
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26028)
CVE-2021-26028
CWE-22
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)
CVE-2021-26027
CWE-863
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23921)
CVE-2023-23921
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23922)
CVE-2023-23922
CWE-707
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
Oracle HTTP Server CVE-2021-25219 Vulnerability (CVE-2021-25219)
CVE-2021-25219
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23927)
CVE-2023-23927
CWE-707
Medium
ownCloud Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-23948)
CVE-2023-23948
CWE-138
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24306)
CVE-2021-24306
CWE-707
Medium
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
CVE-2021-24122
CWE-706
Medium
SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)
CVE-2021-24104
-
Medium
SharePoint CVE-2021-24072 Vulnerability (CVE-2021-24072)
CVE-2021-24072
-
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29515)
CVE-2023-29515
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9584)
CVE-2020-9584
CWE-707
Medium
MySQL CVE-2020-2925 Vulnerability (CVE-2020-2925)
CVE-2020-2925
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33941)
CVE-2023-33941
CWE-707
Medium
Atlassian Jira CVE-2020-4029 Vulnerability (CVE-2020-4029)
CVE-2020-4029
-
Medium
Atlassian Jira Observable Discrepancy Vulnerability (CVE-2020-4028)
CVE-2020-4028
CWE-203
Medium
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-4027)
CVE-2020-4027
CWE-138
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939)
CVE-2023-33939
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4025)
CVE-2020-4025
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4024)
CVE-2020-4024
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4022)
CVE-2020-4022
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4021)
CVE-2020-4021
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3758)
CVE-2020-3758
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33940)
CVE-2023-33940
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33940)
CVE-2023-33940
CWE-707
Medium
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-3717)
CVE-2020-3717
CWE-22
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33942)
CVE-2023-33942
CWE-707
Medium
WordPress Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2020-4047)
CVE-2020-4047
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33943)
CVE-2023-33943
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3715)
CVE-2020-3715
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33944)
CVE-2023-33944
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36501)
CVE-2020-36501
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36399)
CVE-2020-36399
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36398)
CVE-2020-36398
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33944)
CVE-2023-33944
CWE-707
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36290)
CVE-2020-36290
CWE-707
Medium
Liferay Portal Other Vulnerability (CVE-2023-33946)
CVE-2023-33946
-
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-36289)
CVE-2020-36289
CWE-200
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36288)
CVE-2020-36288
CWE-707
Medium
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36287)
CVE-2020-36287
CWE-863
Medium
Atlassian Jira CVE-2020-36286 Vulnerability (CVE-2020-36286)
CVE-2020-36286
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4046)
CVE-2020-4046
CWE-707
Medium
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-4048)
CVE-2020-4048
CWE-601
Medium
ownCloud Improper Privilege Management Vulnerability (CVE-2020-36251)
CVE-2020-36251
CWE-269
Medium
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4697)
CVE-2020-4697
-
Medium
IBM RTC CVE-2020-4964 Vulnerability (CVE-2020-4964)
CVE-2020-4964
-
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4920)
CVE-2020-4920
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4866)
CVE-2020-4866
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4865)
CVE-2020-4865
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4863)
CVE-2020-4863
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4857)
CVE-2020-4857
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4856)
CVE-2020-4856
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33937)
CVE-2023-33937
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4855)
CVE-2020-4855
CWE-707
Medium
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4733)
CVE-2020-4733
-
Medium
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4699)
CVE-2020-4699
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33937)
CVE-2023-33937
CWE-707
Medium
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)
CVE-2020-4691
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939)
CVE-2023-33939
CWE-707
Medium
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4661)
CVE-2020-4661
-
Medium