2.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-14	CVE-2023-24279	Cross-site Scripting vulnerability in Opennetworking Onos A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard. network low complexity opennetworking CWE-79	6.1
2020-02-20	CVE-2019-11189	Authentication Bypass by Spoofing vulnerability in Opennetworking Onos Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. network low complexity opennetworking CWE-290	5.0