Vulnerabilities > Arubanetworks > Edgeconnect SD WAN Orchestrator > 9.4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-24	CVE-2024-22444	Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. network low complexity arubanetworks CWE-79	6.1
2024-07-24	CVE-2024-22443	Unspecified vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. network low complexity arubanetworks	8.8
2024-07-24	CVE-2024-41914	Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. network low complexity arubanetworks CWE-79 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.