Filtered by vendor Archerirm
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37224 | 1 Archerirm | 1 Archer | 2024-11-21 | 6 Medium |
| An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files. | ||||
| CVE-2023-37223 | 1 Archerirm | 1 Archer | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote authenticated attacker to execute arbitrary code via a crafted malicious script. | ||||
| CVE-2023-32761 | 1 Archerirm | 1 Archer | 2024-11-21 | 8.1 High |
| Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request. | ||||
| CVE-2023-32760 | 1 Archerirm | 1 Archer | 2024-11-21 | 7.7 High |
| An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication. | ||||
| CVE-2023-32759 | 1 Archerirm | 1 Archer | 2024-11-21 | 7.5 High |
| An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL. | ||||
| CVE-2024-49211 | 1 Archerirm | 1 Archer | 2024-10-30 | 5.2 Medium |
| Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and executed by the web browser in the context of the vulnerable web application. | ||||
| CVE-2024-49210 | 1 Archerirm | 1 Archer | 2024-10-30 | 5.2 Medium |
| Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and executed by the web browser in the context of the vulnerable web application. | ||||