Skip to main content
 
 
 

Acunetix Web Application Vulnerability Report 2020

Acunetix Web Application Vulnerability Report 2020
The 2020 edition of the Acunetix Web Application Vulnerability Report contains a statistical data analysis for web vulnerabilities and network perimeter vulnerabilities.

Some interesting insights from this years’ study include:
  • The total number of web and network perimeter vulnerabilities decreased from 2019, but the state of web security is still far from perfect.
  • Relatively new scan targets had more vulnerabilities than others.
  • More than 25% of web applications have at least one high-severity vulnerability.

Some selected vulnerabilities this year (and the change percentage comparing to 2019):
  • Remote code execution (RCE): 3% (↑ from 2% in 2019)
  • SQL Injection (SQLi): 8% (↓ from 14% in 2019)
  • Directory traversal: 4% (↑ from 2% in 2019)
  • Cross-site Scripting (XSS): 25% (↓ from 33% in 2019)
  • Vulnerable JavaScript libraries: 33% (↓ from 36% in 2019)
  • Server-side Request Forgery (SSRF): 1% (1% in 2019)
  • Cross-site Request Forgery (CSRF): 36% (↓ from 51% in 2019)
  • Host header injection: 2.5% (↓ from 4% in 2019)
  • WordPress vulnerabilities: 24% (↓ from 30% in 2019)

You can find the full Acunetix Web Application Vulnerability Report 2020 here.


Our engineers are ready to help you secure your systems. Please contact us now.