Medium Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)	CVE-2013-4389 CWE-134	CWE-134	Medium
Ruby Other Vulnerability (CVE-2012-5380)	CVE-2012-5380		Medium
Ruby Other Vulnerability (CVE-2014-8080)	CVE-2014-8080		Medium
Ruby Other Vulnerability (CVE-2014-8090)	CVE-2014-8090		Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)	CVE-2011-1005 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)	CVE-2012-4464 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)	CVE-2012-4466 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4481)	CVE-2012-4481 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4522)	CVE-2012-4522 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2065)	CVE-2013-2065 CWE-264	CWE-264	Medium
Ruby Resource Management Errors Vulnerability (CVE-2008-3443)	CVE-2008-3443		Medium
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)	CVE-2014-2734		Medium
Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)	CVE-2020-11821 CWE-312	CWE-312	Medium
Rukovoditel Cross-site Scripting (XSS) Vulnerability (CVE-2019-7541)	CVE-2019-7541		Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7400)	CVE-2019-7400 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11813)	CVE-2020-11813 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11822)	CVE-2020-11822 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18469)	CVE-2020-18469 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18470)	CVE-2020-18470 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21732)	CVE-2020-21732 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35984)	CVE-2020-35984 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35985)	CVE-2020-35985 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35986)	CVE-2020-35986 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35987)	CVE-2020-35987 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43164)	CVE-2022-43164 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43165)	CVE-2022-43165 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43166)	CVE-2022-43166 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43167)	CVE-2022-43167 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43169)	CVE-2022-43169 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43170)	CVE-2022-43170 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43185)	CVE-2022-43185 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44944)	CVE-2022-44944 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44946)	CVE-2022-44946 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44947)	CVE-2022-44947 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44948)	CVE-2022-44948 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44949)	CVE-2022-44949 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44950)	CVE-2022-44950 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44951)	CVE-2022-44951 CWE-707	CWE-707	Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44952)	CVE-2022-44952 CWE-707	CWE-707	Medium
Same origin method execution (SOME)	CWE-20	CWE-20	Medium
Same site scripting	CWE-16	CWE-16	Medium
SAP BO BIP SSRF (CVE-2020-6308)	CWE-918	CWE-918	Medium
SAP ICF /sap/public/info sensitive information disclosure	CWE-200	CWE-200	Medium
SAP ICF URL redirection Vulnerability	CWE-601	CWE-601	Medium
SAP NetWeaver Java AS WD_CHAT information disclosure vulnerability	CWE-200	CWE-200	Medium
SAP NetWeaver server info information disclosure	CWE-200	CWE-200	Medium
SAP NetWeaver server info information disclosure BCB	CWE-200	CWE-200	Medium
SAP NW KW XSS vulnerability (CVE-2021-42063)	CVE-2021-42063 CWE-79	CWE-79	Medium
Select2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10744)	CVE-2016-10744 CWE-707	CWE-707	Medium
Sensitive Data Exposure	CWE-200	CWE-200	Medium
Seo Panel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-22643)	CVE-2024-22643 CWE-352	CWE-352	Medium
SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2020-35930)	CVE-2020-35930		Medium
SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2021-3002)	CVE-2021-3002		Medium
Seo Panel Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-22646)	CVE-2024-22646 CWE-209	CWE-209	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1855)	CVE-2014-1855 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-100024)	CVE-2014-100024 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-10838)	CVE-2017-10838 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14384)	CVE-2018-14384 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28417)	CVE-2021-28417 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28418)	CVE-2021-28418 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28420)	CVE-2021-28420 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29008)	CVE-2021-29008 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)	CVE-2021-29009 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29010)	CVE-2021-29010 CWE-707	CWE-707	Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39413)	CVE-2021-39413 CWE-707	CWE-707	Medium
Seo Panel Observable Discrepancy Vulnerability (CVE-2024-22647)	CVE-2024-22647 CWE-203	CWE-203	Medium
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-22648)	CVE-2024-22648 CWE-918	CWE-918	Medium
Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)	CVE-2011-3800 CWE-200	CWE-200	Medium
Serendipity Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-6242)	CVE-2006-6242 CWE-22	CWE-22	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6205)	CVE-2007-6205 CWE-707	CWE-707	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0124)	CVE-2008-0124 CWE-707	CWE-707	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1385)	CVE-2008-1385 CWE-707	CWE-707	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1386)	CVE-2008-1386 CWE-707	CWE-707	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1133)	CVE-2011-1133 CWE-707	CWE-707	Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1135)	CVE-2011-1135 CWE-707	CWE-707	Medium

Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)

CVE-2013-4389

CWE-134

Medium

Ruby Other Vulnerability (CVE-2012-5380)

CVE-2012-5380

Medium

Ruby Other Vulnerability (CVE-2014-8080)

CVE-2014-8080

Medium

Ruby Other Vulnerability (CVE-2014-8090)

CVE-2014-8090

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)

CVE-2011-1005

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)

CVE-2012-4464

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)

CVE-2012-4466

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4481)

CVE-2012-4481

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4522)

CVE-2012-4522

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2065)

CVE-2013-2065

CWE-264

Medium

Ruby Resource Management Errors Vulnerability (CVE-2008-3443)

CVE-2008-3443

Medium

Ruby Resource Management Errors Vulnerability (CVE-2014-2734)

CVE-2014-2734

Medium

Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)

CVE-2020-11821

CWE-312

Medium

Rukovoditel Cross-site Scripting (XSS) Vulnerability (CVE-2019-7541)

CVE-2019-7541

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7400)

CVE-2019-7400

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11813)

CVE-2020-11813

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11822)

CVE-2020-11822

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18469)

CVE-2020-18469

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18470)

CVE-2020-18470

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21732)

CVE-2020-21732

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35984)

CVE-2020-35984

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35985)

CVE-2020-35985

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35986)

CVE-2020-35986

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35987)

CVE-2020-35987

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43164)

CVE-2022-43164

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43165)

CVE-2022-43165

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43166)

CVE-2022-43166

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43167)

CVE-2022-43167

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43169)

CVE-2022-43169

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43170)

CVE-2022-43170

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43185)

CVE-2022-43185

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44944)

CVE-2022-44944

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44946)

CVE-2022-44946

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44947)

CVE-2022-44947

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44948)

CVE-2022-44948

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44949)

CVE-2022-44949

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44950)

CVE-2022-44950

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44951)

CVE-2022-44951

CWE-707

Medium

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44952)

CVE-2022-44952

CWE-707

Medium

Same origin method execution (SOME)

CWE-20

Medium

Same site scripting

CWE-16

Medium

SAP BO BIP SSRF (CVE-2020-6308)

CWE-918

Medium

SAP ICF /sap/public/info sensitive information disclosure

CWE-200

Medium

SAP ICF URL redirection Vulnerability

CWE-601

Medium

SAP NetWeaver Java AS WD_CHAT information disclosure vulnerability

CWE-200

Medium

SAP NetWeaver server info information disclosure

CWE-200

Medium

SAP NetWeaver server info information disclosure BCB

CWE-200

Medium

SAP NW KW XSS vulnerability (CVE-2021-42063)

CVE-2021-42063

CWE-79

Medium

Select2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10744)

CVE-2016-10744

CWE-707

Medium

Sensitive Data Exposure

CWE-200

Medium

Seo Panel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-22643)

CVE-2024-22643

CWE-352

Medium

SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2020-35930)

CVE-2020-35930

Medium

SeoPanel Cross-site Scripting (XSS) Vulnerability (CVE-2021-3002)

CVE-2021-3002

Medium

Seo Panel Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-22646)

CVE-2024-22646

CWE-209

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1855)

CVE-2014-1855

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-100024)

CVE-2014-100024

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-10838)

CVE-2017-10838

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14384)

CVE-2018-14384

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28417)

CVE-2021-28417

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28418)

CVE-2021-28418

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28420)

CVE-2021-28420

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29008)

CVE-2021-29008

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)

CVE-2021-29009

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29010)

CVE-2021-29010

CWE-707

Medium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39413)

CVE-2021-39413

CWE-707

Medium

Seo Panel Observable Discrepancy Vulnerability (CVE-2024-22647)

CVE-2024-22647

CWE-203

Medium

Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-22648)

CVE-2024-22648

CWE-918

Medium

Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)

CVE-2011-3800

CWE-200

Medium

Serendipity Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-6242)

CVE-2006-6242

CWE-22

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6205)

CVE-2007-6205

CWE-707

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0124)

CVE-2008-0124

CWE-707

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1385)

CVE-2008-1385

CWE-707

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1386)

CVE-2008-1386

CWE-707

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1133)

CVE-2011-1133

CWE-707

Medium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1135)

CVE-2011-1135

CWE-707

Medium

Medium Severity Vulnerabilities

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities