Podatnosci Bezpieczenstwa JavaScript

CWE-20 7 reguly

Improper Input Validation

CWE-200 5 reguly

Exposure of Sensitive Information to an Unauthorized Actor

2 critical

CWE-798 5 reguly

Use of Hard-coded Credentials

2 critical

CWE-89 4 reguly

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

4 critical

CWE-79 3 reguly

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

1 critical

CWE-285 3 reguly

Improper Authorization

3 critical

CWE-639 3 reguly

Authorization Bypass Through User-Controlled Key

1 critical

CWE-22 2 reguly

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

1 critical

CWE-94 2 reguly

Improper Control of Generation of Code ('Code Injection')

1 critical

CWE-117 2 reguly

Improper Output Neutralization for Logs

CWE-209 2 reguly

Generation of Error Message Containing Sensitive Information

CWE-327 2 reguly

Use of a Broken or Risky Cryptographic Algorithm

CWE-400 2 reguly

Uncontrolled Resource Consumption

CWE-502 2 reguly

Deserialization of Untrusted Data

1 critical

CWE-601 2 reguly

URL Redirection to Untrusted Site ('Open Redirect')

CWE-770 2 reguly

Allocation of Resources Without Limits or Throttling

CWE-915 2 reguly

Improperly Controlled Modification of Dynamically-Determined Object Attributes

2 critical

CWE-918 2 reguly

Server-Side Request Forgery (SSRF)

CWE-1104 2 reguly

Use of Unmaintained Third Party Components

CWE-1321 2 reguly

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')