Web Vulnerability & Security Check

Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category

Select Vulnerability

Vulnerability Name

Classification

Severity

GibbonEdu Detected

Information

Medium

GlassFish Server Identified

Information

Google Tag Manager Identified

Information

Grafana Identified

Information

Grafana Open Redirect (CVE-2025-4123)

High

GraphiQL Explorer/Playground Enabled

Medium

GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability

Medium

GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability

Medium

GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability

Medium

GraphQL Endpoint Detected

Information

GraphQL Field Suggestions Enabled

Medium

GraphQL Introspection Query Enabled

Medium

GraphQL Library Detected (Apollo)

Information

GraphQL Library Detected (Ariadne)

Information

GraphQL Library Detected (Dgraph)

Information

GraphQL Library Detected (Diana.jl)

Information

GraphQL Library Detected (Directus)

Information

GraphQL Library Detected (GqlGen)

Information

GraphQL Library Detected (Graphene)

Information

GraphQL Library Detected (GraphQL API for Wordpress)

Information

GraphQL Library Detected (Graphql-Go)

Information

GraphQL Library Detected (graphql-java)

Information

GraphQL Library Detected (graphql-php)

Information

GraphQL Library Detected (Hasura)

Information

GraphQL Library Detected (Hot Chocolate)

Information

GraphQL Library Detected (Juniper)

Information

GraphQL Library Detected (Ruby-graphql)

Information

GraphQL Library Detected (Sangria)

Information

GraphQL Library Detected (Tartiflette)

Information

GraphQL Library Detected (WPGraphQL)

Information

GraphQL Non-JSON Mutations over GET: Potential CSRF Vulnerability

Medium

GraphQL Non-JSON Queries over GET: Potential CSRF Vulnerability

Medium

GraphQL Non-JSON Queries over POST: Potential CSRF Vulnerability

Medium

GraphQL Unauthenticated Mutation Detected

Medium

GraphQL Unhandled Error Leakage

Medium

Gsap Identified

Information

Gunicorn Python WSGI HTTP Server Identified

Information

Hammerjs Identified

Information

Handlebarsjs Identified

Information

Information

Hiawatha Identified

Information

Highcharts Identified

Information

.htaccess File Detected

Information

Html5Shiv Identified

Information

HTTP Header Injection

Medium

HTTP Header Injection (IAST)

Medium

HTTP Strict Transport Security (HSTS) Errors and Warnings

Medium

HTTP Strict Transport Security (HSTS) Max-Age Value Too Low

Information

HTTP Strict Transport Security (HSTS) Policy Not Enabled

Medium

HTTP Strict Transport Security (HSTS) via HTTP

Information

HubSpot Identified

Information

IBM Business Process Manager (BPM) Identified

Information

IBM HTTP Server Identified

Information

IBM Rational Team Concert (RTC) Identified

Information

IBM Security Access Manager (WebSEAL) Identified

Information

Information

ImagePicker Identified

Information

Information

Incorrect Content Security Policy (CSP) Implementation

Information

Inferno Identified

Information

Information Disclosure (Microsoft Office)

Low

Insecure Frame (External)

Low

Insecure HTTP Usage

Medium

Insecure JSONP Endpoint

Low

Insecure Protocol Detected in Content Security Policy (CSP)

Information

Insecure Reflected Content

Low

Insecure Transportation Security Protocol Supported (SSLv2)

High

Insecure Transportation Security Protocol Supported (SSLv3)

High

Insecure Transportation Security Protocol Supported (TLS 1.0)

High

Insecure Transportation Security Protocol Supported (TLS 1.1)

Low

Insecure Usage of Version 1 GUID

Information

Installation File Detected

Information

Intermediate Certificate is Signed Using a Weak Signature Algorithm

Information