Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)
CVE-2021-3642
-
Medium
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38267)
CVE-2021-38267
CWE-707
Medium
Atlassian Jira Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-39127)
CVE-2021-39127
CWE-668
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-38268)
CVE-2021-38268
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268)
CVE-2021-38268
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)
CVE-2021-38269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)
CVE-2021-38269
CWE-707
Medium
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745)
CVE-2021-38745
CWE-94
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39111)
CVE-2021-39111
CWE-707
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)
CVE-2021-39112
CWE-601
Medium
Atlassian Jira CVE-2021-39116 Vulnerability (CVE-2021-39116)
CVE-2021-39116
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39117)
CVE-2021-39117
CWE-707
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39118)
CVE-2021-39118
CWE-200
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-39119)
CVE-2021-39119
CWE-287
Medium
Atlassian Jira CVE-2021-39121 Vulnerability (CVE-2021-39121)
CVE-2021-39121
-
Medium
Atlassian Jira CVE-2021-39122 Vulnerability (CVE-2021-39122)
CVE-2021-39122
-
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39125)
CVE-2021-39125
CWE-200
Medium
Next.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39178)
CVE-2021-39178
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539)
CVE-2021-3539
CWE-707
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39200)
CVE-2021-39200
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39201)
CVE-2021-39201
CWE-707
Medium
Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39391)
CVE-2021-39391
CWE-707
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39413)
CVE-2021-39413
CWE-707
Medium
SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2021-3002)
CVE-2021-3002
-
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3137)
CVE-2021-3137
CWE-707
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-3281)
CVE-2021-3281
CWE-22
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298)
CVE-2021-3298
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3313)
CVE-2021-3313
CWE-707
Medium
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3314)
CVE-2021-3314
CWE-707
Medium
PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-3393)
CVE-2021-3393
CWE-209
Medium
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-3426)
CVE-2021-3426
CWE-200
Medium
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2021-3449)
CVE-2021-3449
CWE-476
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3536)
CVE-2021-3536
CWE-707
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-23754)
CVE-2023-23754
CWE-601
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23922)
CVE-2023-23922
CWE-707
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26034)
CVE-2021-26034
CWE-352
Medium
Craft CMS Files or Directories Accessible to External Parties Vulnerability (CVE-2024-52292)
CVE-2024-52292
CWE-552
Medium
SharePoint CVE-2024-49062 Vulnerability (CVE-2024-49062)
CVE-2024-49062
-
Medium
SharePoint CVE-2024-49064 Vulnerability (CVE-2024-49064)
CVE-2024-49064
-
Medium
SharePoint CVE-2024-49065 Vulnerability (CVE-2024-49065)
CVE-2024-49065
-
Medium
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-49766)
CVE-2024-49766
CWE-22
Medium
PostgreSQL Missing Authorization Vulnerability (CVE-2024-4317)
CVE-2024-4317
CWE-862
Medium
WP Plugin Advanced Custom Fields CVE-2024-4565 Vulnerability (CVE-2024-4565)
CVE-2024-4565
-
Medium
WP Plugin Contact Form 7 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-4704)
CVE-2024-4704
CWE-601
Medium
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-50337)
CVE-2024-50337
CWE-918
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50801)
CVE-2024-50801
CWE-138
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50802)
CVE-2024-50802
CWE-138
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51142)
CVE-2024-51142
CWE-707
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488)
CVE-2024-51488
CWE-352
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489)
CVE-2024-51489
CWE-352
Medium
Apache Tomcat Inadequate Encryption Strength Vulnerability (CVE-2024-52317)
CVE-2024-52317
CWE-326
Medium
Moodle CVE-2024-48900 Vulnerability (CVE-2024-48900)
CVE-2024-48900
-
Medium
Apache Tomcat Inadequate Encryption Strength Vulnerability (CVE-2024-52318)
CVE-2024-52318
CWE-326
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-52701)
CVE-2024-52701
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-52702)
CVE-2024-52702
CWE-707
Medium
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-54677)
CVE-2024-54677
CWE-400
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-55635)
CVE-2024-55635
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876)
CVE-2024-55876
CWE-862
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-55891)
CVE-2024-55891
CWE-532
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-55892)
CVE-2024-55892
CWE-601
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55893)
CVE-2024-55893
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55894)
CVE-2024-55894
CWE-352
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55920)
CVE-2024-55920
CWE-749
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55922)
CVE-2024-55922
CWE-749
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55923)
CVE-2024-55923
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55945)
CVE-2024-55945
CWE-352
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48901)
CVE-2024-48901
CWE-863
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-48899)
CVE-2024-48899
CWE-639
Medium
Apache Traffic Server CVE-2024-56196 Vulnerability (CVE-2024-56196)
CVE-2024-56196
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46605)
CVE-2024-46605
CWE-707
Medium
Django CVE-2024-45231 Vulnerability (CVE-2024-45231)
CVE-2024-45231
-
Medium