Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43807)
CVE-2025-43807
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43787)
CVE-2025-43787
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43817)
CVE-2025-43817
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43824)
CVE-2025-43824
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43823)
CVE-2025-43823
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43823)
CVE-2025-43823
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43822)
CVE-2025-43822
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43822)
CVE-2025-43822
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43821)
CVE-2025-43821
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43821)
CVE-2025-43821
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43820)
CVE-2025-43820
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43820)
CVE-2025-43820
CWE-707
Medium
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2025-43819)
CVE-2025-43819
CWE-613
Medium
Liferay DXP Insufficient Session Expiration Vulnerability (CVE-2025-43819)
CVE-2025-43819
CWE-613
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43818)
CVE-2025-43818
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43818)
CVE-2025-43818
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43817)
CVE-2025-43817
CWE-707
Medium
Path Traversal in Next.js up to 9.3.1
CVE-2020-5284
CWE-22
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43807)
CVE-2025-43807
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43815)
CVE-2025-43815
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43815)
CVE-2025-43815
CWE-707
Medium
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43814)
CVE-2025-43814
CWE-201
Medium
Liferay DXP Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43814)
CVE-2025-43814
CWE-201
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43812)
CVE-2025-43812
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43812)
CVE-2025-43812
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43811)
CVE-2025-43811
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43811)
CVE-2025-43811
CWE-707
Medium
Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43810)
CVE-2025-43810
CWE-639
Medium
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43810)
CVE-2025-43810
CWE-639
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-43809)
CVE-2025-43809
CWE-352
Medium
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-43809)
CVE-2025-43809
CWE-352
Medium
Liferay DXP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-43808)
CVE-2025-43808
CWE-732
Medium
Liferay Portal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-43808)
CVE-2025-43808
CWE-732
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43787)
CVE-2025-43787
CWE-707
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2025-43786)
CVE-2025-43786
CWE-203
Medium
Liferay DXP Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43825)
CVE-2025-43825
CWE-201
Medium
Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-43747)
CVE-2025-43747
CWE-918
Medium
Liferay Portal Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-43763)
CVE-2025-43763
CWE-918
Medium
Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-43763)
CVE-2025-43763
CWE-918
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-43762)
CVE-2025-43762
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-43762)
CVE-2025-43762
CWE-770
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43761)
CVE-2025-43761
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43761)
CVE-2025-43761
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43757)
CVE-2025-43757
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43757)
CVE-2025-43757
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43756)
CVE-2025-43756
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43756)
CVE-2025-43756
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43755)
CVE-2025-43755
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43755)
CVE-2025-43755
CWE-707
Medium
Liferay DXP Observable Timing Discrepancy Vulnerability (CVE-2025-43754)
CVE-2025-43754
CWE-208
Medium
Liferay Portal Observable Timing Discrepancy Vulnerability (CVE-2025-43754)
CVE-2025-43754
CWE-208
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43746)
CVE-2025-43746
CWE-707
Medium
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2025-43764)
CVE-2025-43764
CWE-1333
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43746)
CVE-2025-43746
CWE-707
Medium
LimeSurvey Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2025-41376)
CVE-2025-41376
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-41117)
CVE-2025-41117
CWE-707
Medium
LimeSurvey Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-41076)
CVE-2025-41076
CWE-209
Medium
Odoo XSS (CVE-2023-1434)
CVE-2023-1434
CWE-79
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-40627)
CVE-2025-40627
CWE-707
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-40626)
CVE-2025-40626
CWE-707
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3647)
CVE-2025-3647
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3645)
CVE-2025-3645
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3644)
CVE-2025-3644
CWE-863
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3643)
CVE-2025-3643
CWE-707
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3640)
CVE-2025-3640
CWE-639
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3636)
CVE-2025-3636
CWE-639
Medium
Moodle Improper Authentication Vulnerability (CVE-2025-3634)
CVE-2025-3634
CWE-287
Medium
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2025-43764)
CVE-2025-43764
CWE-1333
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43765)
CVE-2025-43765
CWE-707
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2025-43786)
CVE-2025-43786
CWE-203
Medium
Liferay DXP Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-43777)
CVE-2025-43777
CWE-209
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43785)
CVE-2025-43785
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43785)
CVE-2025-43785
CWE-707
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-43784)
CVE-2025-43784
CWE-863
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2025-43784)
CVE-2025-43784
CWE-863
Medium