Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:7 p.m.9 views

CVE-2021-33616

RSA Archer 6.x through 6.9 SP1 P4 6.9.1.4 allows stored XSS...

5.4CVSS6.8AI score0.00721EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 12:15 a.m.28 views

CVE-2022-26949

Archer 6.x through 6.9 SP2 P1 6.9.2.1 contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges...

6.5CVSS0.00916EPSS
Exploits0References2
Prion
Prion
added 2022/03/30 12:15 a.m.17 views

Cross site scripting

Archer 6.x through 6.9 SP3 6.9.3.0 contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the...

3.5CVSS5.1AI score0.00609EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/30 12:15 a.m.18 views

Improper access control

Archer 6.x through 6.9 SP2 P1 6.9.2.1 contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges...

4CVSS6.6AI score0.00916EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/30 12:15 a.m.21 views

Cross site scripting

Archer 6.x through 6.10 6.10.0.0 contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the...

4.3CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/30 12:15 a.m.18 views

Open redirect

Archer 6.x through 6.9 P2 6.9.0.2 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to t...

5.8CVSS6.3AI score0.00531EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/29 11:33 p.m.77 views

CVE-2022-26951

CVE-2022-26951 affects Archer 6.x up to 6.10 (6.10.0.0). The vulnerability is a reflected cross-site scripting (XSS) flaw: a remote, SAML-authenticated Archer user could coax a victim application user into submitting malicious HTML/JavaScript to the vulnerable web app, with the malicious code the...

6.5CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/29 11:33 p.m.28 views

CVE-2022-26950

Archer 6.x through 6.9 P2 6.9.0.2 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to t...

5.4CVSS6.5AI score0.00531EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/29 11:33 p.m.30 views

CVE-2022-26949

Archer 6.x through 6.9 SP2 P1 6.9.2.1 contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges...

5.3CVSS6.9AI score0.00916EPSS
Exploits0References2
Rows per page
Query Builder