Описание
Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release.
Уязвимые конфигурации
Конфигурация 1Версия от 6.8.0.0 (включая) до 6.11.0.4 (включая)Версия от 6.12.0.0 (включая) до 6.12.0.6.1 (исключая)
Одно из
cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*
cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00261
Низкий
7.1 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 7.1
github
почти 3 года назад
Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release.
EPSS
Процентиль: 49%
0.00261
Низкий
7.1 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79