Vulnerabilities > Onosproject > Onos > 1.15.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-30093 | Cross-site Scripting vulnerability in Onosproject Onos A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard. | 6.1 |
| 2019-07-17 | CVE-2019-13624 | Data Processing Errors vulnerability in Onosproject Onos 1.15.0 In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. | 9.8 |