Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-1269 | Product Released in Non-Release Configuration The product released to market is released in pre-production or manufacturing configuration. | 1 | 0 | 0 | 0 | 1 | |
CWE-283 | Unverified Ownership The software does not properly verify that a critical resource is owned by the proper entity. | 0 | 1 | 0 | 0 | 1 | |
CWE-348 | Use of Less Trusted Source The software has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack. | 0 | 0 | 1 | 0 | 1 | |
CWE-1230 | Exposure of Sensitive Information Through Metadata The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information. | 0 | 1 | 0 | 0 | 1 | |
CWE-86 | Improper Neutralization of Invalid Characters in Identifiers in Web Pages The software does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers. | 0 | 0 | 1 | 0 | 1 | |
CWE-219 | Sensitive Data Under Web Root The application stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties. | 0 | 0 | 1 | 0 | 1 |