Every CVE whose affected-product data names Openark Orchestrator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2021-27940 — CVSS 6.1 (medium): resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.