Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-20959) CVE-2026-20959 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-33113) CVE-2026-33113 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45453) CVE-2026-45453 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45462) CVE-2026-45462 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45464) CVE-2026-45464 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45465) CVE-2026-45465 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45467) CVE-2026-45467 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45468) CVE-2026-45468 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45479) CVE-2026-45479 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45481) CVE-2026-45481 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-45483) CVE-2026-45483 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47634) CVE-2026-47634 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47636) CVE-2026-47636 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47637) CVE-2026-47637 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47638) CVE-2026-47638 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47639) CVE-2026-47639 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-47640) CVE-2026-47640 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-48560) CVE-2026-48560 CWE-707 CWE-707 Medium SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-48562) CVE-2026-48562 CWE-707 CWE-707 Medium SharePoint Improper Privilege Management Vulnerability (CVE-2021-1712) CVE-2021-1712 CWE-269 CWE-269 Medium SharePoint Improper Privilege Management Vulnerability (CVE-2021-1719) CVE-2021-1719 CWE-269 CWE-269 Medium SharePoint Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-42309) CVE-2021-42309 CWE-732 CWE-732 Medium SharePoint Interpretation Conflict Vulnerability (CVE-2021-28474) CVE-2021-28474 CWE-436 CWE-436 Medium SharePoint Origin Validation Error Vulnerability (CVE-2019-1442) CVE-2019-1442 CWE-346 CWE-346 Medium SharePoint Out-of-bounds Read Vulnerability (CVE-2020-1342) CVE-2020-1342 CWE-125 CWE-125 Medium SharePoint Out-of-bounds Read Vulnerability (CVE-2026-44821) CVE-2026-44821 CWE-125 CWE-125 Medium SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1860) CVE-2012-1860 CWE-264 CWE-264 Medium SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3895) CVE-2013-3895 CWE-264 CWE-264 Medium SharePoint Reflected Cross-Site Scripting (CVE-2017-8514) CVE-2017-8514 CWE-80 CWE-80 Medium SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-20958) CVE-2026-20958 CWE-918 CWE-918 Medium SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1443) CVE-2019-1443 CWE-434 CWE-434 Medium SharePoint URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1323) CVE-2020-1323 CWE-601 CWE-601 Medium silverstripeCMS Credentials Management Errors Vulnerability (CVE-2010-5080) CVE-2010-5080 Medium silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5088) CVE-2010-5088 CWE-352 CWE-352 Medium silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12246) CVE-2019-12246 CWE-352 CWE-352 Medium silverstripeCMS Cryptographic Issues Vulnerability (CVE-2010-5079) CVE-2010-5079 Medium silverstripeCMS CVE-2019-16409 Vulnerability (CVE-2019-16409) CVE-2019-16409 Medium silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-4822) CVE-2010-4822 CWE-200 CWE-200 Medium silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5187) CVE-2010-5187 CWE-200 CWE-200 Medium silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5188) CVE-2010-5188 CWE-200 CWE-200 Medium silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6789) CVE-2013-6789 CWE-200 CWE-200 Medium silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12849) CVE-2017-12849 CWE-200 CWE-200 Medium silverstripeCMS Files or Directories Accessible to External Parties Vulnerability (CVE-2019-14273) CVE-2019-14273 CWE-552 CWE-552 Medium silverstripeCMS Improper Authentication Vulnerability (CVE-2020-26136) CVE-2020-26136 CWE-287 CWE-287 Medium silverstripeCMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-5091) CVE-2010-5091 CWE-94 CWE-94 Medium silverstripeCMS Improper Input Validation Vulnerability (CVE-2011-4962) CVE-2011-4962 CWE-20 CWE-20 Medium silverstripeCMS Improper Input Validation Vulnerability (CVE-2013-2653) CVE-2013-2653 CWE-20 CWE-20 Medium silverstripeCMS Improper Input Validation Vulnerability (CVE-2020-26138) CVE-2020-26138 CWE-20 CWE-20 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1593) CVE-2010-1593 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4823) CVE-2010-4823 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5095) CVE-2010-5095 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4958) CVE-2011-4958 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4968) CVE-2012-4968 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6458) CVE-2012-6458 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5063) CVE-2015-5063 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8606) CVE-2015-8606 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5197) CVE-2017-5197 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14498) CVE-2017-14498 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12205) CVE-2019-12205 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14272) CVE-2019-14272 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19325) CVE-2019-19325 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9311) CVE-2020-9311 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36150) CVE-2021-36150 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28803) CVE-2022-28803 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37421) CVE-2022-37421 CWE-707 CWE-707 Medium silverstripeCMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-18049) CVE-2017-18049 CWE-138 CWE-138 Medium silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4824) CVE-2010-4824 CWE-138 CWE-138 Medium silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4959) CVE-2011-4959 CWE-138 CWE-138 Medium silverstripeCMS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2021-41559) CVE-2021-41559 CWE-776 CWE-776 Medium silverstripeCMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25817) CVE-2020-25817 CWE-611 CWE-611 Medium silverstripeCMS Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2019-19326) CVE-2019-19326 Medium silverstripeCMS Incorrect Authorization Vulnerability (CVE-2021-28661) CVE-2021-28661 CWE-863 CWE-863 Medium silverstripeCMS Incorrect Default Permissions Vulnerability (CVE-2020-6165) CVE-2020-6165 CWE-276 CWE-276 Medium silverstripeCMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-12245) CVE-2019-12245 CWE-732 CWE-732 Medium silverstripeCMS Other Vulnerability (CVE-2015-5062) CVE-2015-5062 Medium 1...103104105106...119 104 / 119