Orchestrator
1 CVEs
product
Monthly
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
XSS
Orchestrator
NVD
GitHub
CVSS 3.1
6.1
EPSS
1.2%
EPSS 1%
CVSS 6.1
MEDIUM
POC
PATCH
This Month
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
XSS
Orchestrator
NVD
GitHub