| Allocation of Resources Without Limits or Throttling | |
| CVE-2025-9825 | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Missing Authorization | |
| Business Logic Errors | |
| Privilege Defined With Unsafe Actions | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Validation of Specified Quantity in Input | |
| Server-Side Request Forgery (SSRF) | |
| Improper Validation of Specified Quantity in Input | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Missing Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Arbitrary Code Injection | |
| Inefficient Regular Expression Complexity | |
| Incorrect Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Insufficient Granularity of Access Control | |
| Incorrect Permission Assignment for Critical Resource | |
| Cross-site Scripting (XSS) | |
| Missing Authorization | |
| Information Exposure | |
| Insufficient Granularity of Access Control | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Missing Authentication for Critical Function | |
| Allocation of Resources Without Limits or Throttling | |
| Business Logic Errors | |
| Missing Authorization | |
| Inefficient Regular Expression Complexity | |
| Cross-site Request Forgery (CSRF) | |
| Missing Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Insufficient Granularity of Access Control | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Allocation of Resources Without Limits or Throttling | |
| Insufficient Granularity of Access Control | |
| Improper Validation of Consistency within Input | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2025-0605 | |
| Allocation of Resources Without Limits or Throttling | |
| Exposure of Private Information ('Privacy Violation') | |
| Insufficient Granularity of Access Control | |
| Allocation of Resources Without Limits or Throttling | |
| Authentication Bypass | |
| Insufficient Granularity of Access Control | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Business Logic Errors | |
| Insufficient Granularity of Access Control | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Insufficient Granularity of Access Control | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Information Exposure | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Execution with Unnecessary Privileges | |
| Cross-site Scripting (XSS) | |
| Execution with Unnecessary Privileges | |
| Insufficient Session Expiration | |
| Incorrect Authorization | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2024-2878 | |
| Allocation of Resources Without Limits or Throttling | |
| Missing Authorization | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Request Forgery (CSRF) | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| CVE-2024-11931 | |
| Cross-site Scripting (XSS) | |
| File and Directory Information Exposure | |
| Algorithmic Complexity | |
| Missing Authorization | |
| Incorrect User Management | |
| Information Exposure | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Privilege Context Switching Error | |
| Information Exposure Through Log Files | |
| Open Redirect | |
| Directory Traversal | |
| Algorithmic Complexity | |
| Open Redirect | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2024-8114 | |
| CVE-2024-8237 | |
| CVE-2024-11828 | |
| CVE-2024-8177 | |
| Incorrect Authorization | |
| CVE-2024-9633 | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| CVE-2024-8970 | |
| CVE-2024-5005 | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| CVE-2023-3441 | |
| Incorrect Authorization | |
| CVE-2024-6685 | |
| Inefficient Regular Expression Complexity | |
| Information Exposure | |
| Authentication Bypass | |
| Information Exposure Through Log Files | |
| CVE-2024-6446 | |
| CVE-2024-6389 | |
| CVE-2024-8754 | |
| CVE-2024-8641 | |
| CVE-2024-8041 | |
| CVE-2024-6502 | |
| CVE-2024-7554 | |
| CVE-2024-7610 | |
| Improper Encoding or Escaping of Output | |
| Improper Authentication | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| CVE-2024-5423 | |
| Cross-site Scripting (XSS) | |
| CVE-2024-4210 | |
| Authorization Bypass Through User-Controlled Key | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| CVE-2024-7057 | |
| CVE-2024-7060 | |
| CVE-2024-7091 | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Insufficient Comparison | |
| CVE-2024-2880 | |
| CVE-2024-6385 | |
| Unrestricted Upload of File with Dangerous Type | |
| Cross-site Scripting (XSS) | |
| CVE-2024-5655 | |
| Inefficient Regular Expression Complexity | |
| CVE-2024-2191 | |
| Resource Exhaustion | |
| Incorrect Authorization | |
| CVE-2024-5430 | |
| CVE-2024-3959 | |
| CVE-2024-1816 | |
| Inefficient Regular Expression Complexity | |
| Improper Check for Unusual or Exceptional Conditions | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| CVE-2024-1947 | |
| Allocation of Resources Without Limits or Throttling | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| CVE-2024-1347 | |
| Directory Traversal | |
| Incorrect Authorization | |
| Improper Authentication | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| CVE-2024-1299 | |
| CVE-2024-0410 | |
| CVE-2024-1525 | |
| CVE-2023-3509 | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2023-6840 | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| CVE-2023-5612 | |
| Directory Traversal | |
| CVE-2024-0456 | |
| Incorrect Authorization | |
| Improper Verification of Cryptographic Signature | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Missing Authorization | |
| CVE-2023-4812 | |
| CVE-2023-5061 | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| CVE-2023-5226 | |
| CVE-2023-3964 | |
| CVE-2023-3443 | |
| CVE-2023-4317 | |
| Cross-site Scripting (XSS) | |
| CVE-2023-3949 | |
| Allocation of Resources Without Limits or Throttling | |
| Inefficient Regular Expression Complexity | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| CVE-2023-5831 | |
| CVE-2023-3399 | |
| CVE-2023-0989 | |
| CVE-2023-2233 | |
| CVE-2023-3979 | |
| CVE-2023-4532 | |
| CVE-2023-3413 | |
| Open Redirect | |
| Incorrect Authorization | |
| CVE-2023-5198 | |
| CVE-2023-5207 | |
| CVE-2023-3917 | |
| Inefficient Regular Expression Complexity | |
| CVE-2023-4630 | |
| CVE-2023-4522 | |
| Open Redirect | |
| CVE-2023-0120 | |
| Inefficient Regular Expression Complexity | |
| CVE-2023-1555 | |
| CVE-2023-4378 | |
| CVE-2023-4018 | |
| CVE-2023-4638 | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2023-2022 | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| CVE-2023-3900 | |
| CVE-2023-1210 | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| CVE-2023-4008 | |
| Inefficient Regular Expression Complexity | |
| Directory Traversal | |
| Inefficient Regular Expression Complexity | |
| CVE-2023-2620 | |
| Authorization Bypass Through User-Controlled Key | |
| Information Exposure | |
| Information Exposure Through Log Files | |
| CVE-2023-1936 | |
| CVE-2023-2576 | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| Time-of-check Time-of-use (TOCTOU) | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| CVE-2022-4462 | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Inefficient Regular Expression Complexity | |
| Arbitrary Command Injection | |
| Cross-site Scripting (XSS) | |
| CVE-2023-0756 | |
| CVE-2023-1710 | |
| CVE-2023-1733 | |
| CVE-2023-1204 | |
| CVE-2023-0223 | |
| CVE-2023-2013 | |
| Arbitrary Code Injection | |
| CVE-2022-4376 | |
| CVE-2023-2485 | |
| CVE-2023-1787 | |
| Open Redirect | |
| CVE-2023-2001 | |
| Allocation of Resources Without Limits or Throttling | |
| Exposure of Resource to Wrong Sphere | |
| Cross-site Scripting (XSS) | |
| CVE-2023-0483 | |
| Cross-site Scripting (XSS) | |
| CVE-2023-1098 | |
| Incorrect Default Permissions | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Incorrect Permission Assignment for Critical Resource | |
| Cross-site Scripting (XSS) | |
| CVE-2023-0838 | |
| CVE-2023-0508 | |
| Exposure of Resource to Wrong Sphere | |
| Inefficient Regular Expression Complexity | |
| CVE-2023-0450 | |
| CVE-2022-3375 | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| CVE-2023-2181 | |
| CVE-2022-4289 | |
| CVE-2023-1084 | |
| Session Fixation | |
| Resource Exhaustion | |
| Improper Validation of Specified Quantity in Input | |
| CVE-2023-0518 | |
| CVE-2022-3759 | |
| Cross-site Request Forgery (CSRF) | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Race Condition | |
| CVE-2022-3613 | |
| CVE-2022-3870 | |
| Inefficient Regular Expression Complexity | |
| Open Redirect | |
| CVE-2022-4365 | |
| CVE-2022-4342 | |
| Server-Side Request Forgery (SSRF) | |
| CVE-2022-4054 | |
| Cross-site Scripting (XSS) | |
| Unrestricted Upload of File with Dangerous Type | |
| CVE-2022-4206 | |
| CVE-2022-3820 | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| CVE-2022-3902 | |
| CVE-2022-3740 | |
| Missing Authorization | |
| CVE-2022-2826 | |
| CVE-2022-3030 | |
| CVE-2022-3767 | |
| CVE-2022-3726 | |
| CVE-2022-2761 | |
| OS Command Injection | |
| Open Redirect | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Resource Exhaustion | |
| Open Redirect | |
| CVE-2022-3793 | |
| CVE-2022-3483 | |
| CVE-2022-3706 | |
| Authorization Bypass Through User-Controlled Key | |
| Resource Exhaustion | |
| Information Exposure Through Log Files | |
| CVE-2022-3285 | |
| Resource Exhaustion | |
| CVE-2022-3330 | |
| CVE-2022-3288 | |
| Cross-site Scripting (XSS) | |
| CVE-2022-3325 | |
| Directory Traversal | |
| CVE-2022-3066 | |
| Exposure of Resource to Wrong Sphere | |
| Improper Handling of Exceptional Conditions | |
| CVE-2022-3067 | |
| Improper Authentication | |
| Resource Exhaustion | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| CVE-2022-3031 | |
| Inefficient Regular Expression Complexity | |
| CVE-2022-2907 | |
| Resource Exhaustion | |
| CVE-2022-2630 | |
| Improper Validation of Specified Quantity in Input | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| OS Command Injection | |
| Improper Input Validation | |
| Incorrect Authorization | |
| CVE-2022-2539 | |
| Incorrect Authorization | |
| Improper Authentication | |
| Incomplete Cleanup | |
| CVE-2022-2456 | |
| CVE-2022-2534 | |
| CVE-2022-2512 | |
| Improper Privilege Management | |
| Cross-site Scripting (XSS) | |
| CVE-2022-2497 | |
| Cross-site Request Forgery (CSRF) | |
| CVE-2022-1999 | |
| Cross-site Scripting (XSS) | |
| Incorrect Default Permissions | |
| Open Redirect | |
| Incorrect Permission Assignment for Critical Resource | |
| OS Command Injection | |
| CVE-2022-2229 | |
| Inefficient Regular Expression Complexity | |
| CVE-2022-1963 | |
| Authorization Bypass Through User-Controlled Key | |
| CVE-2022-2244 | |
| Cross-site Scripting (XSS) | |
| CVE-2022-1545 | |
| Incorrect Authorization | |
| Missing Authorization | |
| Improper Input Validation | |
| Improper Authentication | |
| Cross-site Scripting (XSS) | |
| Insufficiently Protected Credentials | |
| Authorization Bypass Through User-Controlled Key | |
| Improper Input Validation | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| CVE-2022-1821 | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| CVE-2022-1680 | |
| Incorrect Authorization | |
| CVE-2022-0477 | |
| Incorrect Authorization | |
| Arbitrary Code Injection | |
| CVE-2022-0373 | |
| Server-Side Request Forgery (SSRF) | |
| Improper Certificate Validation | |
| Information Exposure Through Log Files | |
| Server-Side Request Forgery (SSRF) | |
| Incorrect Authorization | |
| Use of Hard-coded Credentials | |
| Missing Authorization | |
| Missing Release of Resource after Effective Lifetime | |
| Resource Exhaustion | |
| Incorrect Authorization | |
| CVE-2022-1105 | |
| CVE-2022-1111 | |
| CVE-2022-1189 | |
| Server-Side Request Forgery (SSRF) | |
| Out-of-bounds Write | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Validation of Specified Quantity in Input | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Information Exposure | |
| CVE-2022-0344 | |
| Open Redirect | |
| Resource Exhaustion | |
| CVE-2022-0371 | |
| CVE-2022-0751 | |
| CVE-2021-4191 | |
| Improper Encoding or Escaping of Output | |
| CVE-2022-0735 | |
| Resource Exhaustion | |
| CVE-2022-0549 | |
| Incorrect Authorization | |
| CVE-2021-39892 | |
| Files or Directories Accessible to External Parties | |
| Improper Encoding or Escaping of Output | |
| CVE-2022-0093 | |
| Cross-site Scripting (XSS) | |
| Improper Privilege Management | |
| Resource Exhaustion | |
| Cross-site Request Forgery (CSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Missing Authorization | |
| CVE-2022-0151 | |
| Missing Authorization | |
| CVE-2022-0172 | |
| Improper Authentication | |
| Inadequate Encryption Strength | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Insufficient Comparison | |
| Authorization Bypass Through User-Controlled Key | |
| CVE-2021-39931 | |
| Incorrect Authorization | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Authorization Bypass Through User-Controlled Key | |
| Improper Privilege Management | |
| Incorrect Authorization | |
| Inefficient Regular Expression Complexity | |
| Resource Exhaustion | |
| Incorrect Authorization | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Improper Privilege Management | |
| Exposure of Resource to Wrong Sphere | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2021-39905 | |
| CVE-2021-39895 | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Privilege Management | |
| Exposure of Resource to Wrong Sphere | |
| Improper Preservation of Permissions | |
| Incorrect Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| CVE-2021-39901 | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Improper Privilege Management | |
| CVE-2021-22264 | |
| CVE-2021-22258 | |
| CVE-2021-22257 | |
| Cross-site Scripting (XSS) | |
| CVE-2021-39880 | |
| CVE-2021-39870 | |
| Server-Side Request Forgery (SSRF) | |
| Exposure of Resource to Wrong Sphere | |
| Incorrect Default Permissions | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Missing Authorization | |
| CVE-2021-39881 | |
| Cross-site Scripting (XSS) | |
| Cleartext Transmission of Sensitive Information | |
| Information Exposure | |
| Improper Authentication | |
| Incorrect Authorization | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Exposure of Resource to Wrong Sphere | |
| Resource Exhaustion | |
| CVE-2021-39874 | |
| Incorrect Permission Assignment for Critical Resource | |
| CVE-2021-39896 | |
| Missing Authentication for Critical Function | |
| CVE-2021-39871 | |
| CVE-2021-39873 | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Improper Encoding or Escaping of Output | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| CVE-2021-22234 | |
| Session Fixation | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| CVE-2021-22230 | |
| CVE-2021-22231 | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Improper Authentication | |
| CVE-2021-22229 | |
| CVE-2021-22226 | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Insufficient Session Expiration | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Information Exposure Through Log Files | |
| Improper Certificate Validation | |
| Resource Exhaustion | |
| Missing Authorization | |
| Incorrect Authorization | |
| Cleartext Storage of Sensitive Information | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Resource Exhaustion | |
| CVE-2021-22203 | |
| CVE-2021-22201 | |
| CVE-2021-22200 | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| CVE-2021-22198 | |
| Information Exposure | |
| Cleartext Storage of Sensitive Information | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| CVE-2021-22192 | |
| Resource Exhaustion | |
| Improper Certificate Validation | |
| CVE-2021-22188 | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Improper Authentication | |
| Resource Exhaustion | |
| CVE-2021-22167 | |
| CVE-2020-26414 | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Authorization Bypass Through User-Controlled Key | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Improper Resource Shutdown or Release | |
| Improper Input Validation | |
| Directory Traversal | |
| Directory Traversal | |
| Resource Exhaustion | |
| Cross-site Request Forgery (CSRF) | |
| Information Exposure | |
| Incorrect Authorization | |
| CVE-2020-13356 | |
| CVE-2020-13352 | |
| Incorrect Default Permissions | |
| Incorrect Permission Assignment for Critical Resource | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Exposure of Resource to Wrong Sphere | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2020-13326 | |
| CVE-2020-13325 | |
| Improper Authentication | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| CVE-2020-13324 | |
| Incorrect Authorization | |
| Missing Authorization | |
| CVE-2020-13321 | |
| Missing Authorization | |
| Insufficiently Protected Credentials | |
| Incorrect Authorization | |
| Improper Input Validation | |
| Incorrect Authorization | |
| CVE-2020-13315 | |
| Missing Authorization | |
| CVE-2020-13314 | |
| Arbitrary Code Injection | |
| Insufficient Session Expiration | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| Insufficient Session Expiration | |
| Improper Preservation of Permissions | |
| CVE-2020-13310 | |
| Improper Authentication | |
| Insufficient Session Expiration | |
| Server-Side Request Forgery (SSRF) | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Improper Input Validation | |
| Missing Authentication for Critical Function | |
| Improper Authentication | |
| Insufficient Session Expiration | |
| Incorrect Authorization | |
| CVE-2020-13287 | |
| Incorrect Type Conversion or Cast | |
| Resource Exhaustion | |
| Improper Authentication | |
| Improper Input Validation | |
| CVE-2020-13294 | |
| Cross-site Scripting (XSS) | |
| Improper Preservation of Permissions | |
| CVE-2020-13290 | |
| Resource Exhaustion | |
| Information Exposure | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Incorrect Default Permissions | |
| Cross-site Scripting (XSS) | |
| Incorrect Default Permissions | |
| Improper Privilege Management | |
| Cross-site Scripting (XSS) | |
| Missing Authentication for Critical Function | |
| Information Exposure | |
| Directory Traversal | |
| Information Exposure | |
| Improper Input Validation | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| Resource Exhaustion | |
| Incorrect Authorization | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Directory Traversal | |
| Information Exposure | |
| Information Exposure | |
| Missing Authentication for Critical Function | |
| Uncontrolled Recursion | |
| CVE-2020-10074 | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Information Exposure | |
| Improper Privilege Management | |
| CVE-2019-15592 | |
| Improper Authentication | |
| Cross-site Scripting (XSS) | |
| Authorization Bypass Through User-Controlled Key | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Improper Authentication | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Resource Exhaustion | |
| CVE-2019-20144 | |
| CVE-2019-20145 | |
| Incorrect Authorization | |
| Improper Authentication | |
| Resource Exhaustion | |
| Improper Access Control | |
| Arbitrary Command Injection | |
| Information Exposure | |
| Improper Access Control | |
| Information Exposure | |
| CVE-2019-19260 | |
| Information Exposure | |
| Information Exposure | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Information Exposure | |
| Improper Privilege Management | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Improper Preservation of Permissions | |
| Incorrect Permission Assignment for Critical Resource | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Open Redirect | |
| Information Exposure | |
| Information Exposure | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Cross-site Scripting (XSS) | |
| Improper Preservation of Permissions | |
| CVE-2019-16170 | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2019-15737 | |
| Allocation of Resources Without Limits or Throttling | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Incorrect Permission Assignment for Critical Resource | |
| Server-Side Request Forgery (SSRF) | |
| Arbitrary Command Injection | |
| Cleartext Transmission of Sensitive Information | |
| Missing Authorization | |
| Insufficient Session Expiration | |
| Missing Authorization | |
| Improper Privilege Management | |
| Server-Side Request Forgery (SSRF) | |
| Authorization Bypass Through User-Controlled Key | |
| Improper Input Validation | |
| Information Exposure | |
| Authorization Bypass Through User-Controlled Key | |
| Information Exposure | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Server-Side Request Forgery (SSRF) | |
| CVE-2019-13010 | |
| Resource Exhaustion | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| CVE-2019-12431 | |
| CVE-2019-12428 | |
| Use of Insufficiently Random Values | |
| Cross-site Scripting (XSS) | |
| Incorrect Permission Assignment for Critical Resource | |
| CVE-2019-9732 | |
| CVE-2019-7549 | |
| CVE-2019-9218 | |
| CVE-2019-5883 | |
| Cross-site Scripting (XSS) | |
| Information Exposure Through Log Files | |
| CVE-2019-11544 | |
| Cross-site Scripting (XSS) | |
| Race Condition | |
| CVE-2019-9890 | |
| Authorization Bypass Through User-Controlled Key | |
| Incorrect Permission Assignment for Critical Resource | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Incorrect Permission Assignment for Critical Resource | |
| Arbitrary Command Injection | |
| Incorrect Permission Assignment for Critical Resource | |
| Directory Traversal | |
| Information Exposure | |
| CVE-2019-9217 | |
| Information Exposure | |
| Information Exposure | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Server-Side Request Forgery (SSRF) | |
| Resource Exhaustion | |
| Improper Input Validation | |
| Information Exposure | |
| Directory Traversal | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Information Exposure | |
| CVE-2019-9485 | |
| Information Exposure | |
| Information Exposure | |
| Missing Authorization | |
| CVE-2019-6788 | |
| Improper Privilege Management | |
| Improper Privilege Management | |
| Cross-site Scripting (XSS) | |
| Improper Preservation of Permissions | |
| Missing Authorization | |
| Cross-site Scripting (XSS) | |
| Improper Privilege Management | |
| CVE-2019-6786 | |
| Information Exposure | |
| Open Redirect | |
| CVE-2019-6782 | |
| Improper Preservation of Permissions | |
| CVE-2019-6960 | |
| CVE-2019-6787 | |
| Directory Traversal | |
| CVE-2019-6785 | |
| Improper Privilege Management | |
| CVE-2019-7176 | |
| CVE-2019-6795 | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Missing Authentication for Critical Function | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| Improper Authentication | |
| Missing Authorization | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| Directory Traversal | |
| Directory Traversal | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Race Condition | |
| CRLF Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Access Control | |
| Improper Input Validation | |
| Improper Access Control | |
| Cross-site Scripting (XSS) | |
| Improper Access Control | |
| Authorization Bypass Through User-Controlled Key | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Improper Authorization | |
| Improper Access Control | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure Through Log Files | |
| CVE-2018-19359 | |
| Server-Side Request Forgery (SSRF) | |
| Information Exposure | |
| Cleartext Storage of Sensitive Information | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| CVE-2018-17453 | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Authorization Bypass Through User-Controlled Key | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Authorization Bypass Through User-Controlled Key | |
| CVE-2018-15472 | |
| Cross-site Scripting (XSS) | |
| Information Exposure Through Log Files | |
| Information Exposure | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Missing Authentication for Critical Function | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cleartext Transmission of Sensitive Information | |
| Incorrect Authorization | |
| Improper Input Validation | |
| Directory Traversal | |
| Directory Traversal | |
| SQL Injection | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Access Restriction Bypass | |
| Information Exposure | |
| Access Restriction Bypass | |
| Information Exposure | |
