| Weak Password Requirements | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Business Logic Errors | |
| Information Exposure | |
| Missing Standardized Error Handling Mechanism | |
| Improper Enforcement of Behavioral Workflow | |
| Unrestricted Upload of File with Dangerous Type | |
| Cross-site Scripting (XSS) | |
| Improper Access Control | |
| Cross-site Scripting (XSS) | |
| Use of Hard-coded Credentials | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Privilege Management | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Deserialization of Untrusted Data | |
| Arbitrary Command Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Arbitrary File Upload | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Insufficient Session Expiration | |
| Insufficient Session Expiration | |
| Information Exposure | |
| Brute Force | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Denial of Service (DoS) | |
| Cross-site Scripting (XSS) | |
| Integer Overflow or Wraparound | |
| Cross-site Scripting (XSS) | |
| Integer Overflow or Wraparound | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Execution | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting | |
| Cross-site Scripting (XSS) | |
| Integer Overflow or Wraparound | |
| HTML Code Injection | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Insecure Storage of Sensitive Information | |
| Cross-site Scripting (XSS) | |
| Business Logic Errors | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Open Redirect | |
| Open Redirect | |
| Command Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| HTML Injection | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Arbitrary File Write via Archive Extraction (Zip Slip) | |
| Information Disclosure | |
| Arbitrary File Upload | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
