Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ArcherirmArcher2024.03

8 matches found

CVE
CVEadded 2024/10/22 5:15 p.m.76 views

CVE-2024-49209

Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit this vulnerability to elevate their privileges and upload additional system icons.

6.5CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2024/05/06 4:15 p.m.45 views

CVE-2024-34092

An issue was discovered in Archer Platform 6 before 2024.04. Authentication was mishandled because lock did not terminate an existing session. 6.14 P3 (6.14.0.3) is also a fixed release.

8.8CVSS6.8AI score0.00107EPSS
CVE
CVEadded 2024/07/25 8:15 a.m.44 views

CVE-2024-41705

A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the ma...

7.1CVSS5.6AI score0.00281EPSS
CVE
CVEadded 2024/05/06 4:15 p.m.43 views

CVE-2024-34089

An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When vic...

7.3CVSS5.2AI score0.00225EPSS
CVE
CVEadded 2024/07/25 8:15 a.m.43 views

CVE-2024-41706

A stored XSS issue was discovered in Archer Platform 6 before version 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, ...

7.3CVSS5.6AI score0.00228EPSS
CVE
CVEadded 2024/05/06 4:15 p.m.42 views

CVE-2024-34091

An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When vic...

7.3CVSS5.2AI score0.00225EPSS
CVE
CVEadded 2024/05/06 4:15 p.m.40 views

CVE-2024-34090

An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control Panel (ACP) did not previously escape content appropriately. 6.14 P3 (6.14.0.3) is also a fixed release.

7.3CVSS5.6AI score0.00664EPSS
CVE
CVEadded 2024/10/22 5:15 p.m.39 views

CVE-2024-49208

Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit this vulnerability to elevate their privileges and delete system icons.

5.9CVSS7AI score0.00107EPSS