An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control Panel (ACP) did not previously escape content appropriately. 6.14 P3 (6.14.0.3) is also a fixed release.
History

Fri, 01 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-79
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-05-06T00:00:00

Updated: 2024-11-01T19:42:36.007Z

Reserved: 2024-04-30T00:00:00

Link: CVE-2024-34090

cve-icon Vulnrichment

Updated: 2024-08-02T02:42:59.867Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-06T16:15:13.423

Modified: 2024-11-01T20:35:10.933

Link: CVE-2024-34090

cve-icon Redhat

No data.