Description
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
CVE vulnerabilities with CWE-425 (265)
10.0
CVSS
CRITICAL
CVE-2018-3774
pub. 2018-08-12
9.8
CVSS
CRITICAL
CVE-2022-43110
pub. 2025-08-22
9.8
CVSS
CRITICAL
CVE-2025-26689
pub. 2025-03-31
9.8
CVSS
CRITICAL
CVE-2024-24592
pub. 2024-02-06
9.8
CVSS
CRITICAL
CVE-2024-0204
pub. 2024-01-22
9.8
CVSS
CRITICAL
CVE-2022-45276
pub. 2022-11-23
9.8
CVSS
CRITICAL
CVE-2022-26279
pub. 2022-03-24
9.8
CVSS
CRITICAL
CVE-2021-36560
pub. 2021-11-02
9.8
CVSS
CRITICAL
CVE-2021-36745
pub. 2021-09-29
9.8
CVSS
CRITICAL
CVE-2021-24215
pub. 2021-04-12
9.8
CVSS
CRITICAL
CVE-2019-12768
pub. 2020-12-30
9.8
CVSS
CRITICAL
CVE-2020-24660
pub. 2020-09-14
9.8
CVSS
CRITICAL
CVE-2020-24203
pub. 2020-08-27
9.8
CVSS
CRITICAL
CVE-2019-16340
pub. 2019-11-21
9.8
CVSS
CRITICAL
CVE-2019-9584
pub. 2019-08-14
9.8
CVSS
CRITICAL
CVE-2019-9884
pub. 2019-07-25
9.8
CVSS
CRITICAL
CVE-2019-9552
pub. 2019-03-04
9.8
CVSS
CRITICAL
CVE-2019-7736
pub. 2019-02-11
9.8
CVSS
CRITICAL
CVE-2018-18922
pub. 2018-12-13
9.8
CVSS
CRITICAL
CVE-2018-19207
pub. 2018-11-12
Showing 20 of 265 vulnerabilities