Medium severity6.1NVD Advisory· Published Mar 14, 2023· Updated Jun 17, 2026
CVE-2023-24279
CVE-2023-24279
Description
A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.onosproject:onos-archetypesMaven | >= 1.9.0, <= 2.7.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
7- www.youtube.com/watchnvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-3xmp-jwrr-8f4rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-24279ghsaADVISORY
- www.edoardoottavianelli.itghsaWEB
- www.edoardoottavianelli.itnvdNot Applicable
- www.edoardoottavianelli.it/CVE-2023-24279nvdWEB
- www.edoardoottavianelli.it/CVE-2023-24279/index.htmlghsaWEB
News mentions
0No linked articles in our index yet.