Insertion of Sensitive Information into Log File | |
Uninitialized Memory Exposure | |
Execution with Unnecessary Privileges | |
Improper Encoding or Escaping of Output | |
Cross-site Scripting (XSS) | |
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | |
Improper Control of Generation of Code ('Code Injection') | |
Use of Web Browser Cache Containing Sensitive Information | |
Cross-site Scripting (XSS) | |
Improper Certificate Validation | |
Information Exposure | |
Arbitrary Code Execution | |
Improper Preservation of Permissions | |
Incorrect Privilege Assignment | |
Incorrect Default Permissions | |
Exposure of Resource to Wrong Sphere | |
Improper Authorization | |
Deserialization of Untrusted Data | |
Missing Authorization | |
Insertion of Sensitive Information into Log File | |
Denial of Service (DoS) | |
Cross-site Request Forgery (CSRF) | |
Improper Access Control | |
Cross-site Scripting (XSS) | |
Improper Access Control | |
Incorrect Authorization | |
Improper Access Control | |
Information Exposure | |
Information Exposure | |
Improper Access Control | |
Improper Access Control | |
Information Exposure | |
Insecure Defaults | |
Incorrect Authorization | |
Information Exposure | |
Cross-site Scripting (XSS) | |
Denial of Service (DoS) | |
Improper Certificate Validation | |
Session Fixation | |
Execution with Unnecessary Privileges | |
Improper Input Validation | |
Incorrect Authorization | |
Directory Traversal | |
Information Exposure | |
Information Exposure | |
Privilege Escalation | |
Cross-site Scripting (XSS) | |
Information Exposure | |
Command Injection | |
Open Redirect | |
Information Exposure | |
Command Injection | |
Open Redirect | |
Cross-site Scripting (XSS) | |
Access Restriction Bypass | |
Information Exposure | |
Open Redirect | |
Session Fixation | |
Information Exposure | |
Cross-site Scripting (XSS) | |
Command Injection | |
Improper Access Control | |
Improper Authentication | |
Information Exposure | |
Cross-site Scripting (XSS) | [,1.10.15) [2.0.0b1,2.0.2) |
Privilege Escalation | |
Improper Authentication | |
Improper Authentication | |
Server-Side Request Forgery (SSRF) | |
Credential Exposure | |
Cross-site Scripting (XSS) | |
Insecure Defaults | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Remote Code Execution (RCE) | |
Insecure Default | |
Command Injection | |
Cross-site Scripting (XSS) | |
Arbitrary Code Execution | |
Information Exposure | |
Cross-site Request Forgery (CSRF) | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Improper Certificate Validation | |
Information Exposure | |
Cross-site Scripting (XSS) | |
Arbitrary Code Execution | |
Cross-site Scripting (XSS) | |
Cross-site Request Forgery (CSRF) | |