Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity ASP.NET Cookieless session state enabled CWE-598 CWE-598 Medium ASP.NET cookies accessible from client-side scripts CWE-1004 CWE-1004 Medium ASP.NET Core Development Mode enabled CWE-200 CWE-200 Medium ASP.NET CustomErrors Is Disabled CWE-12 CWE-12 Medium ASP.NET Deny missing from authorization rule on location CWE-16 CWE-16 Medium ASP.NET diagnostic page CWE-200 CWE-200 Medium ASP.NET error message CWE-12 CWE-12 Medium ASP.NET event validation disabled CWE-16 CWE-16 Medium ASP.NET expired session IDs are not regenerated CWE-16 CWE-16 Medium ASP.NET forms authentication using inadequate protection CWE-16 CWE-16 Medium ASP.NET header checking is disabled in web.config CWE-16 CWE-16 Medium ASP.NET login credentials stored in plain text CWE-256 CWE-256 Medium ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256) CVE-2017-0256 CWE-20 CWE-20 Medium ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075) CVE-2014-4075 CWE-707 CWE-707 Medium ASP.NET potential HTTP Verb Tampering CWE-16 CWE-16 Medium ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042) CVE-2013-5042 CWE-707 CWE-707 Medium ASP.NET ValidateRequest Is Globally Disabled CWE-707 CWE-707 Medium ASP.NET viewstate encryption disabled CWE-16 CWE-16 Medium ASP.NET WCF metadata enabled for behavior CWE-16 CWE-16 Medium ASP.NET WCF replay attacks are not detected CWE-16 CWE-16 Medium ASP.NET WCF service include exception details CWE-16 CWE-16 Medium Atlassian Confluence Access Restriction Bypass CVE-2017-9505 Medium Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342) CVE-2012-6342 CWE-352 CWE-352 Medium Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448) CVE-2020-29448 Medium Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503) CVE-2023-22503 Medium Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399) CVE-2015-8399 CWE-200 CWE-200 Medium Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237) CVE-2018-20237 CWE-200 CWE-200 Medium Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006) CVE-2019-15006 CWE-913 CWE-913 Medium Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389) CVE-2018-13389 CWE-20 CWE-20 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8398) CVE-2015-8398 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4317) CVE-2016-4317 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283) CVE-2016-6283 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16856) CVE-2017-16856 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18083) CVE-2017-18083 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18084) CVE-2017-18084 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18085) CVE-2017-18085 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18086) CVE-2017-18086 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239) CVE-2018-20239 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102) CVE-2019-20102 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14175) CVE-2020-14175 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29444) CVE-2020-29444 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36290) CVE-2020-36290 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-4027) CVE-2020-4027 CWE-138 CWE-138 Medium Atlassian Confluence Incorrect Default Permissions Vulnerability (CVE-2017-9505) CVE-2017-9505 CWE-276 CWE-276 Medium Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005) CVE-2019-15005 CWE-862 CWE-862 Medium Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085) CVE-2021-26085 CWE-862 CWE-862 Medium Atlassian Confluence Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928) CVE-2012-2928 CWE-264 CWE-264 Medium Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445) CVE-2020-29445 CWE-918 CWE-918 Medium Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072) CVE-2021-26072 CWE-918 CWE-918 Medium Atlassian Confluence Stored Cross Site Scripting CVE-2016-6283 Medium Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-29450) CVE-2020-29450 CWE-434 CWE-434 Medium Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504) CVE-2023-22504 CWE-434 CWE-434 Medium Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-14174) CVE-2020-14174 CWE-639 CWE-639 Medium Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-36231) CVE-2020-36231 CWE-639 CWE-639 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6832) CVE-2008-6832 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862) CVE-2017-16862 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-18033) CVE-2017-18033 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447) CVE-2019-8447 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11586) CVE-2019-11586 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11587) CVE-2019-11587 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588) CVE-2019-11588 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998) CVE-2019-14998 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098) CVE-2019-20098 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099) CVE-2019-20099 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20100) CVE-2019-20100 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20401) CVE-2019-20401 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405) CVE-2019-20405 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20411) CVE-2019-20411 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20415) CVE-2019-20415 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43941) CVE-2021-43941 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43952) CVE-2021-43952 CWE-352 CWE-352 Medium Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953) CVE-2021-43953 CWE-352 CWE-352 Medium Atlassian Jira CVE-2019-8448 Vulnerability (CVE-2019-8448) CVE-2019-8448 Medium Atlassian Jira CVE-2019-11583 Vulnerability (CVE-2019-11583) CVE-2019-11583 Medium Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402) CVE-2019-20402 Medium 1...5678...94 6 / 94
