| Use of Weak Hash | medium |
| Use of Weak Hash | medium |
| Use of Hard-coded Credentials | high |
| Use of Hard-coded Credentials | high |
| Use of a Broken or Risky Cryptographic Algorithm | high |
| Use of a Broken or Risky Cryptographic Algorithm | low |
| URL Redirection to Untrusted Site ('Open Redirect') | medium |
| URL Redirection to Untrusted Site ('Open Redirect') | medium |
| Trusting HTTP Permission Methods on the Server Side | high |
| Server-Side Request Forgery (SSRF) | medium |
| Sensitive Cookie Without 'HttpOnly' Flag | low |
| Missing Encryption of Sensitive Data | medium |
| Insufficiently Protected Credentials | low |
| Insufficiently Protected Credentials | low |
| Insufficiently Protected Credentials | low |
| Insufficient Verification of Data Authenticity | low |
| Inefficient Regular Expression Complexity | high |
| Incorrect Regular Expression | medium |
| Incorrect Default Permissions | low |
| Incorrect Default Permissions | medium |
| Inclusion of Sensitive Information in Source Code | medium |
| Inadequate Encryption Strength | high |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | medium |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | low |
| Improper Restriction of XML External Entity Reference | low |
| Improper Restriction of XML External Entity Reference | medium |
| Improper Restriction of Rendered UI Layers or Frames | low |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | high |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | high |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | high |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | high |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | high |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | low |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | high |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | high |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | high |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | high |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | low |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | high |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | medium |
| Improper Control of Generation of Code ('Code Injection') | low |
| Improper Control of Generation of Code ('Code Injection') | high |
| Improper Certificate Validation | high |
| Improper Access Control | medium |
| External Control of File Name or Path | medium |
| Exposure of Sensitive Information to an Unauthorized Actor | medium |
| Exposure of Sensitive Information to an Unauthorized Actor | low |
| Divide By Zero | medium |
| Deserialization of Untrusted Data | high |
| Deserialization of Untrusted Data | medium |
| Deserialization of Untrusted Data | high |
| Deserialization of Untrusted Data | medium |
| Cross-Site Request Forgery (CSRF) | low |
| Cross-Site Request Forgery (CSRF) | low |
| Cleartext Transmission of Sensitive Information | medium |
| Cleartext Transmission of Sensitive Information | medium |
| Cleartext Transmission of Sensitive Information | medium |
| Cleartext Transmission of Sensitive Information | medium |
| Cleartext Transmission of Sensitive Information | medium |
| Authorization Bypass Through User-Controlled Key | high |