User Interface (UI) Misrepresentation of Critical Information | |
Credential Exposure | |
SQL Injection | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Arbitrary File Upload | |
SQL Injection | |
Cross-site Scripting (XSS) | |
Directory Traversal | |
Cross-site Scripting (XSS) | |
Improper Access Control | |
Cross-site Scripting (XSS) | |
Improper Access Control | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |
Cross-site Scripting (XSS) | |
Sensitive Cookie Without 'Secure' Attribute | |
Insufficient Session Expiration | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |
Unrestricted Upload of File with Dangerous Type | |
Cross-site Scripting (XSS) | |
Improper Input Validation | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Access Restriction Bypass | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Access Control Bypass | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Replay Attack | |
Cross-site Scripting (XSS) | |
Business Logic Errors | |
Cross-site Scripting (XSS) | |
Weak Password Requirements | |
Improper Input Validation | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Arbitrary Code Injection | |
Improper Privilege Management | |
Misinterpretation of Input | |
Arbitrary Command Injection | |
Arbitrary Code Injection | |
Cross-site Scripting (XSS) | |
Uncaught Exception | |
Arbitrary Code Injection | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Weak Password Requirements | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Weak Password Requirements | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Improper Authentication | |
Access Restriction Bypass | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Information Exposure | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Weak Password Requirements | |
Cross-site Scripting (XSS) | |
CSV Injection | |
Cross-site Request Forgery (CSRF) | |
Cross-site Scripting (XSS) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-Site Request Forgery (CSRF) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |