| Insecure Default Initialization of Resource | |
| Arbitrary File Upload | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Handling of Unicode Encoding | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Unsafe Dependency Resolution | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Authorization Bypass Through User-Controlled Key | |
| Denial of Service (DoS) | |
| Server-side Request Forgery (SSRF) | |
| Reliance on File Name or Extension of Externally-Supplied File | |
| Guessable CAPTCHA | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Remote Code Execution (RCE) | |
| Information Exposure | |
| Inadequate Encryption Strength | |
| Cross-site Scripting (XSS) | |
| Inadequate Encryption Strength | |
| Cryptographic Issues | |
| Cryptographic Issues | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Privilege Escalation | |
| Server-side Request Forgery (SSRF) | |
