Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and gets executed by the web browser in the context of the vulnerable web application.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-29T23:33:27
Updated: 2024-08-03T05:18:38.375Z
Reserved: 2022-03-12T00:00:00
Link: CVE-2022-26951
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-03-30T00:15:09.423
Modified: 2024-11-21T06:54:51.733
Link: CVE-2022-26951
Redhat
No data.