Vulnerability Name
Classifications
Severity
Server-Side Request Forgery
CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Server-Side Request Forgery (Time Based)
CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Form Hijacking
CWE-20, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1
Low
Insecure JSONP Endpoint
CWE-20, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1
Low
Insecure Reflected Content
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1
Low
Reflected File Download
PCI v3.2-6.5.1, CAPEC-375, CWE-840, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1
Low