Component Vulnerability Family for Web App Scanning

ID	Name	Severity
114819	Grafana 11.1.x < 11.4.3+security-01 Cross-site Scripting	medium
114818	Grafana 11.1.x < 11.3.5+security-01 Cross-site Scripting	medium
114817	Grafana 11.1.x < 11.2.8+security-01 Cross-site Scripting	medium
114816	Grafana 11.6.x < 11.6.1 Cross-site Scripting	high
114815	Grafana 11.5.x < 11.5.4 Cross-site Scripting	high
114814	Grafana 11.4.x < 11.4.4 Cross-site Scripting	high
114813	Grafana 11.3.x < 11.3.6 Cross-site Scripting	high
114812	Grafana 11.2.x < 11.2.9 Cross-site Scripting	high
114811	Grafana < 10.4.18 Cross-site Scripting	high
114810	Grafana 12.0.x < 12.0.1 Improper Access Control	medium
114809	Grafana 11.6.x < 11.6.2 Improper Access Control	medium
114808	Grafana 11.5.x < 11.5.5 Improper Access Control	medium
114807	Grafana 11.4.x < 11.4.5 Improper Access Control	medium
114806	Grafana 11.3.x < 11.3.7 Improper Access Control	medium
114805	Grafana 11.2.x < 11.2.10 Improper Access Control	medium
114804	Grafana < 10.4.19 Improper Access Control	medium
114802	Atlassian Jira 10.5.x < 10.5.1 Privilege Escalation	high
114801	Atlassian Jira 10.3.x < 10.3.5 Privilege Escalation	high
114800	Atlassian Jira < 9.12.20 Privilege Escalation	high
114799	SonicWall SMA < 10.2.1.14-75sv Unauthenticated Arbitrary File Read	critical
114795	FortiOS 7.0.x < 7.0.13 / 7.2.x < 7.2.6 / 7.4.x < 7.4.2 Remote Code Execution	critical
114794	Ivanti Endpoint Manager Mobile < 11.12.0.5 / < 12.3.0.2 / < 12.4.0.2 / < 12.5.0.1 Authentication Bypass	high
114789	Apache Tomcat 9.0.0-M1 < 9.0.104 Multiple Vulnerabilities	high
114788	Apache Tomcat 10.1.0-M1 < 10.1.40 Multiple Vulnerabilities	high
114787	Apache Tomcat 11.0.0-M1 < 11.0.6 Multiple Vulnerabilities	high
114786	CraftCMS 3.x < 3.9.15 / 4.x < 4.14.15 / 5.x < 5.6.17 Remote Code Execution	critical
114785	SAP NetWeaver Visual Composer Metadata Uploader Arbitrary File Upload	critical
114784	Citrix Netscaler 14.1.x < 14.1-25.53 Information Disclosure	critical
114783	SureTriggers Plugin for WordPress < 1.0.79 Authorization Bypass	high
114782	Greenshift Plugin for WordPress < 11.4.5 Arbitrary File Upload	high
114781	Atlassian Jira 9.12.x < 9.12.22 XML External Entity	high
114778	Vite < 4.5.13 / 5.0.x < 5.4.18 / 6.0.x < 6.0.15 / 6.1.x < 6.1.5 / 6.2.x < 6.2.6 Arbitrary File Read	medium
114777	FortiOS 7.0.x < 7.0.16 Authentication Bypass	critical
114774	Joomla! 4.x < 4.4.13 Multiple Vulnerabilities	medium
114773	Joomla! 5.x < 5.2.6 Multiple Vulnerabilities	medium
114772	Vite < 4.5.10 / 5.0.x < 5.4.15 / 6.0.x < 6.0.12 / 6.1.x < 6.1.2 / 6.2.x < 6.2.3 Arbitrary File Read	medium
114771	Next.js 11.1.4 < 12.3.5 Authorization Bypass	critical
114770	Next.js 14.0.x < 14.2.10 Cache Poisoning	high
114769	Next.js 13.5.1 < 13.5.7 Cache Poisoning	high
114768	Next.js 9.5.5 < 14.2.15 Authorization Bypass	high
114767	Moodle < 3.9.20 Multiple Vulnerabilities	critical
114766	Moodle 3.11.x < 3.11.13 Multiple Vulnerabilities	critical
114765	Moodle 4.0.x < 4.0.7 Multiple Vulnerabilities	critical
114764	Moodle 4.1.x < 4.1.2 Multiple Vulnerabilities	critical
114763	Moodle 4.1.x < 4.1.3 Arbitrary Folder Creation	medium
114762	Moodle < 3.9.21 SQL injection	high
114761	Moodle 3.11.x < 3.11.14 SQL injection	high
114760	Moodle 4.0.x < 4.0.8 SQL injection	high
114759	Moodle 4.1.x < 4.1.3 SQL injection	high
114758	Moodle 3.11.x < 3.11.15 XSS Risk on groups page	medium

Detections

Analytics

Component Vulnerability Family for Web App Scanning

medium

medium

medium

high

high

high

high

high

high

medium

medium

medium

medium

medium

medium

medium

high

high

high

critical

critical

high

high

high

high

critical

critical

critical

high

high

high

medium

critical

medium

medium

medium

critical

high

high

high

critical

critical

critical

critical

medium

high

high

high

high

medium