Описание
An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control Panel (ACP) did not previously escape content appropriately. 6.14 P3 (6.14.0.3) is also a fixed release.
Ссылки
- Product
- Vendor Advisory
- Product
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.14.0.3 (исключая)
Одно из
cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*
cpe:2.3:a:archerirm:archer:2024.03:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.0069
Низкий
7.3 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.3
github
почти 2 года назад
An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control Panel (ACP) did not previously escape content appropriately. 6.14 P3 (6.14.0.3) is also a fixed release.
EPSS
Процентиль: 71%
0.0069
Низкий
7.3 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79