Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075) CVE-2014-4075 CWE-707 CWE-707 Medium ASP.NET path disclosure CWE-200 CWE-200 Low ASP.NET potential HTTP Verb Tampering CWE-16 CWE-16 Medium ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042) CVE-2013-5042 CWE-707 CWE-707 Medium ASP.NET ValidateRequest Is Globally Disabled CWE-707 CWE-707 Medium ASP.NET viewstate encryption disabled CWE-16 CWE-16 Medium ASP.NET ViewStateUserKey Is Not Set CWE-642 CWE-642 Low ASP.NET WCF metadata enabled for behavior CWE-16 CWE-16 Medium ASP.NET WCF replay attacks are not detected CWE-16 CWE-16 Medium ASP.NET WCF service include exception details CWE-16 CWE-16 Medium Atlassian Confluence Access Restriction Bypass CVE-2017-9505 Medium Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342) CVE-2012-6342 CWE-352 CWE-352 Medium Atlassian Confluence CVE-2012-2926 Vulnerability (CVE-2012-2926) CVE-2012-2926 Critical Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448) CVE-2020-29448 Medium Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503) CVE-2023-22503 Medium Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505) CVE-2023-22505 High Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508) CVE-2023-22508 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399) CVE-2015-8399 CWE-200 CWE-200 Medium Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668) CVE-2016-6668 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) CVE-2017-7415 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237) CVE-2018-20237 CWE-200 CWE-200 Medium Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006) CVE-2019-15006 CWE-913 CWE-913 Medium Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389) CVE-2018-13389 CWE-20 CWE-20 Medium Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3394) CVE-2019-3394 CWE-22 CWE-22 High Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396) CVE-2019-3396 CWE-22 CWE-22 Critical Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3398) CVE-2019-3398 CWE-22 CWE-22 High Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8398) CVE-2015-8398 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4317) CVE-2016-4317 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283) CVE-2016-6283 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16856) CVE-2017-16856 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18083) CVE-2017-18083 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18084) CVE-2017-18084 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18085) CVE-2017-18085 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18086) CVE-2017-18086 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239) CVE-2018-20239 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102) CVE-2019-20102 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14175) CVE-2020-14175 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29444) CVE-2020-29444 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36290) CVE-2020-36290 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-4027) CVE-2020-4027 CWE-138 CWE-138 Medium Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26084) CVE-2021-26084 CWE-138 CWE-138 Critical Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39114) CVE-2021-39114 CWE-138 CWE-138 High Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136) CVE-2022-26136 CWE-180 CWE-180 Critical Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137) CVE-2022-26137 CWE-180 CWE-180 Critical Atlassian Confluence Incorrect Default Permissions Vulnerability (CVE-2017-9505) CVE-2017-9505 CWE-276 CWE-276 Medium Atlassian Confluence information disclosure CVE-2017-7415 High Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005) CVE-2019-15005 CWE-862 CWE-862 Medium Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085) CVE-2021-26085 CWE-862 CWE-862 Medium Atlassian Confluence Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928) CVE-2012-2928 CWE-264 CWE-264 Medium Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395) CVE-2019-3395 CWE-918 CWE-918 Critical Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445) CVE-2020-29445 CWE-918 CWE-918 Medium Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072) CVE-2021-26072 CWE-918 CWE-918 Medium Atlassian Confluence Stored Cross Site Scripting CVE-2016-6283 Medium Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134) CVE-2022-26134 Critical Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406) CVE-2019-20406 CWE-427 CWE-427 High Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940) CVE-2021-43940 CWE-427 CWE-427 High Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-29450) CVE-2020-29450 CWE-434 CWE-434 Medium Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504) CVE-2023-22504 CWE-434 CWE-434 Medium Atlassian Crowd Remote Code Execution CVE-2019-11580 CWE-78 CWE-78 High Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-14174) CVE-2020-14174 CWE-639 CWE-639 Medium Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-36231) CVE-2020-36231 CWE-639 CWE-639 Medium Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41305) CVE-2021-41305 CWE-639 CWE-639 High Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306) CVE-2021-41306 CWE-639 CWE-639 High Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41307) CVE-2021-41307 CWE-639 CWE-639 High Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6832) CVE-2008-6832 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-4319) CVE-2016-4319 CWE-352 CWE-352 High Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862) CVE-2017-16862 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-18033) CVE-2017-18033 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447) CVE-2019-8447 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11586) CVE-2019-11586 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11587) CVE-2019-11587 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588) CVE-2019-11588 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998) CVE-2019-14998 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098) CVE-2019-20098 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099) CVE-2019-20099 CWE-352 CWE-352 Medium 1...10111213...275 11 / 275
