Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as OWASP 2013-A3 that can be detected by Invicti.

Select Category

Critical

High

Select Vulnerability

Vulnerability Name

Classification

Severity

Base Tag Hijacking

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

,

CWE-20

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

Medium

Blind Cross-site Scripting

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High

Cross-site Scripting

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High

Cross-site Scripting (DOM based)

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High

Cross-site Scripting via File Upload

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High

Cross-site Scripting via Remote File Inclusion

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High

SAML Consumer Service XSS Vulnerability

CAPEC-19

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

Medium

Stored Cross-site Scripting

CAPEC-19

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

,

CWE-79

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A3

,

OWASP 2017-A7

,

PCI v3.2-6.5.7

,

WASC-8

,

High