Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Missing Update
This page lists
22224 vulnerabilities
in this category.
Critical: 1394
High: 12186
Medium: 7891
Low: 749
Information: 4
Vulnerability Name
CVE
CWE
Severity
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21657)
CVE-2022-21657
CWE-295
Medium
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26086)
CVE-2021-26086
CWE-22
Medium
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072)
CVE-2021-26072
CWE-918
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22293)
CVE-2022-22293
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)
CVE-2021-26032
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26079)
CVE-2021-26079
CWE-707
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21673)
CVE-2022-21673
CWE-200
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26082)
CVE-2021-26082
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-21702)
CVE-2022-21702
CWE-707
Medium
Atlassian Jira CVE-2021-26081 Vulnerability (CVE-2021-26081)
CVE-2021-26081
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26080)
CVE-2021-26080
CWE-707
Medium
Grafana Incorrect Authorization Vulnerability (CVE-2022-21713)
CVE-2022-21713
CWE-863
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26078)
CVE-2021-26078
CWE-707
Medium
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2022-22005)
CVE-2022-22005
CWE-502
Medium
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
CVE-2021-26085
CWE-862
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-21662)
CVE-2022-21662
CWE-707
Medium
Atlassian Jira CVE-2021-26075 Vulnerability (CVE-2021-26075)
CVE-2021-26075
-
Medium
SharePoint CVE-2022-21840 Vulnerability (CVE-2022-21840)
CVE-2022-21840
-
Medium
SharePoint CVE-2022-21968 Vulnerability (CVE-2022-21968)
CVE-2022-21968
-
Medium
SharePoint CVE-2022-21987 Vulnerability (CVE-2022-21987)
CVE-2022-21987
-
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23494)
CVE-2022-23494
CWE-707
Medium
Joomla CVE-2021-26031 Vulnerability (CVE-2021-26031)
CVE-2021-26031
-
Medium
SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)
CVE-2021-24104
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)
CVE-2022-23801
CWE-707
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)
CVE-2021-26271
CWE-829
Medium
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-23794)
CVE-2022-23794
CWE-209
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)
CVE-2022-23796
CWE-707
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)
CVE-2022-23798
CWE-601
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)
CVE-2022-23800
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2022-23807)
CVE-2022-23807
CWE-287
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26028)
CVE-2021-26028
CWE-22
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23808)
CVE-2022-23808
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)
CVE-2022-23871
CWE-707
Medium
Oracle HTTP Server CVE-2021-25219 Vulnerability (CVE-2021-25219)
CVE-2021-25219
-
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24306)
CVE-2021-24306
CWE-707
Medium
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
CVE-2021-24122
CWE-706
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272)
CVE-2021-26272
CWE-829
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)
CVE-2021-26027
CWE-863
Medium
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
CVE-2022-23634
-
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2022-23501)
CVE-2022-23501
CWE-287
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)
CVE-2022-23615
CWE-863
Medium
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)
CVE-2022-23502
CWE-613
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)
CVE-2021-26030
CWE-707
Medium
TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504)
CVE-2022-23504
CWE-138
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552)
CVE-2022-23552
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)
CVE-2022-23599
CWE-707
Medium
Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606)
CVE-2022-23606
CWE-674
Medium
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)
CVE-2022-23616
CWE-138
Medium
Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)
CVE-2022-23633
-
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-23617)
CVE-2022-23617
CWE-862
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
Joomla Improper Input Validation Vulnerability (CVE-2021-26029)
CVE-2021-26029
CWE-20
Medium
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)
CVE-2022-23620
CWE-116
Medium
XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621)
CVE-2022-23621
CWE-552
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23622)
CVE-2022-23622
CWE-707
Medium
MySQL NULL Pointer Dereference Vulnerability (CVE-2021-22570)
CVE-2021-22570
CWE-476
Medium
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
CVE-2022-28330
-
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220)
CVE-2021-20220
CWE-444
Medium
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)
CVE-2021-21027
CWE-352
Medium
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2021-20496)
CVE-2021-20496
CWE-20
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20503)
CVE-2021-20503
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20504)
CVE-2021-20504
CWE-707
Medium
Nginx Use After Free Vulnerability (CVE-2022-32414)
CVE-2022-32414
CWE-416
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20506)
CVE-2021-20506
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20507)
CVE-2021-20507
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20518)
CVE-2021-20518
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-32074)
CVE-2022-32074
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20519)
CVE-2021-20519
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20520)
CVE-2021-20520
CWE-707
Medium
Magento Improper Access Control Vulnerability (CVE-2021-21020)
CVE-2021-21020
CWE-284
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21022)
CVE-2021-21022
CWE-285
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023)
CVE-2021-21023
CWE-707
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21026)
CVE-2021-21026
CWE-285
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029)
CVE-2021-21029
CWE-707
Medium
«
1
...
246
247
248
...
297
»
