| Use of Password Hash With Insufficient Computational Effort | |
| Incorrect Authorization | |
| Improper Input Validation | |
| Cross-site Request Forgery (CSRF) | |
| Improper Authentication | |
| Improper Input Validation | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Authorization | |
| Improper Certificate Validation | |
| Man-in-the-Middle (MitM) | |
| Man-in-the-Middle (MitM) | |
| Man-in-the-Middle (MitM) | |
| Authentication Bypass | |
| Man-in-the-Middle (MitM) | |
| CVE-2015-5370 | |
| Man-in-the-Middle (MitM) | |
| Incorrect Calculation of Buffer Size | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Information Exposure Through Log Files | |
| Information Exposure | |
| Credentials Management | |
| Insufficient Session Expiration | |
| Cross-site Scripting (XSS) | |
