logo
DATABASE RESOURCES PRICING ABOUT US

EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 SP1 P1 Stored Cross-site Scripting

Description

The version of EMC RSA Archer running on the remote web server is 6.6.x prior to 6.6.0.8 (6.6 P8), 6.7.x prior to 6.7.0.8 (6.7 P8), 6.8.x prior to 6.8.0.5 (6.8 P5) or 6.9.x prior to 6.9.1.1 (6.9 SP1 P1). It is, therefore, affected by a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user with access to modify link name fields could potentially exploit this vulnerability to execute code in a victim’s browser. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related