Cross-Site Request Forgery (CSRF)
| |
Sensitive Cookie in Web Application Without 'HttpOnly' Flag
| |
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
| |
SQL Injection
|
>=1.0.0-beta4, <4.4.12
>=5.0.0-alpha, <5.0.4
|
Exposure of Sensitive Information to an Unauthorized Actor
|
>=1.0.0-beta4, <4.4.12
>=5.0.0-alpha, <5.0.4
|
Relative Path Traversal
|
>=1.0.0-beta4, <4.4.12
>=5.0.0-alpha, <5.0.4
|
Server-Side Request Forgery (SSRF)
|
>=1.0.0-beta4, <4.4.12
>=5.0.0-alpha, <5.0.4
|
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
| |
Incorrect Regular Expression
| |
Cross-site Scripting (XSS)
|
>=4.0.0-alpha1, <4.0.0
<3.3.4
|
Cross-site Scripting (XSS)
|
>=4.0.0-alpha1, <4.0.0
<3.3.4
|
Cross-site Scripting (XSS)
|
>=4.0.0-alpha1, <4.0.0
<3.3.4
|
Cross-site Scripting (XSS)
|
>=4.0.0-alpha1, <4.0.0
<3.3.4
|
Cryptographic Weakness
|
>=4.0.0-alpha1, <4.0.0
<3.3.4
|
Information Exposure
| |
Cross-site Scripting (XSS)
| |
Improper Neutralization
| |
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
| |
Information Exposure
| |
Improper Authorization
| |
Improper Authorization
| |
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
| |
Cross-site Scripting (XSS)
|
>=3.0.0, <3.2.4
>=2.0.0, <2.16.5
|