🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42048)
CVE-2021-42048
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Roundcube Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-57004)
CVE-2024-57004
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174)
CVE-2021-41174
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
PHP Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-5458)
CVE-2024-5458
CWE-345
Medium
TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114)
CVE-2021-41114
CWE-644
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
Nexus Repository Manager Use of Hard-coded Credentials Vulnerability (CVE-2024-5764)
CVE-2024-5764
CWE-798
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40888)
CVE-2021-40888
CWE-707
Medium
MongoDb Missing Authorization Vulnerability (CVE-2024-6375)
CVE-2024-6375
CWE-862
Medium
MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)
CVE-2024-6384
-
Medium
ProjectSend Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-40886)
CVE-2021-40886
CWE-22
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40882)
CVE-2021-40882
CWE-707
Medium
Moodle CVE-2021-40695 Vulnerability (CVE-2021-40695)
CVE-2021-40695
-
Medium
Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694)
CVE-2021-40694
CWE-116
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6700)
CVE-2024-6700
CWE-707
Medium
Moodle Improper Authentication Vulnerability (CVE-2021-40693)
CVE-2021-40693
CWE-287
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6701)
CVE-2024-6701
CWE-707
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2021-40692)
CVE-2021-40692
CWE-863
Medium
Moodle CVE-2021-40691 Vulnerability (CVE-2021-40691)
CVE-2021-40691
-
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6702)
CVE-2024-6702
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
Jetty Other Vulnerability (CVE-2024-6763)
CVE-2024-6763
-
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55920)
CVE-2024-55920
CWE-749
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42047)
CVE-2021-42047
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42046)
CVE-2021-42046
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42045)
CVE-2021-42045
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42044)
CVE-2021-42044
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42043)
CVE-2021-42043
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42042)
CVE-2021-42042
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42041)
CVE-2021-42041
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876)
CVE-2024-55876
CWE-862
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41866)
CVE-2021-41866
CWE-707
Medium
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
CVE-2021-41834
CWE-732
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-55891)
CVE-2024-55891
CWE-532
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-55892)
CVE-2024-55892
CWE-601
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55893)
CVE-2024-55893
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55894)
CVE-2024-55894
CWE-352
Medium
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41800)
CVE-2021-41800
CWE-770
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55922)
CVE-2024-55922
CWE-749
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41798)
CVE-2021-41798
CWE-707
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55923)
CVE-2024-55923
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55945)
CVE-2024-55945
CWE-352
Medium
silverstripeCMS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2021-41559)
CVE-2021-41559
CWE-776
Medium
Apache Traffic Server CVE-2024-56195 Vulnerability (CVE-2024-56195)
CVE-2024-56195
-
Medium
Apache Traffic Server CVE-2024-56196 Vulnerability (CVE-2024-56196)
CVE-2024-56196
-
Medium
Apache Traffic Server CVE-2024-56202 Vulnerability (CVE-2024-56202)
CVE-2024-56202
-
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41308)
CVE-2021-41308
CWE-287
Medium
Next.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-56332)
CVE-2024-56332
CWE-770
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41304)
CVE-2021-41304
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-6762)
CVE-2024-6762
CWE-770
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40678)
CVE-2021-40678
CWE-707
Medium
SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2021-3002)
CVE-2021-3002
-
Medium
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-3426)
CVE-2021-3426
CWE-200
Medium
Python Incorrect Type Conversion or Cast Vulnerability (CVE-2025-12781)
CVE-2025-12781
CWE-704
Medium
MongoDb Improper Certificate Validation Vulnerability (CVE-2025-12893)
CVE-2025-12893
CWE-295
Medium
Drupal Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-13080)
CVE-2025-13080
CWE-754
Medium
Drupal Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2025-13081)
CVE-2025-13081
CWE-915
Medium
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
«
1
...
119
120
121
...
201
»