CVE-2024-34089

7.3 HIGH

📋 TL;DR

A stored cross-site scripting (XSS) vulnerability in Archer Platform 6 allows authenticated attackers to inject malicious scripts into application data stores. When other users access the compromised data, their browsers execute the attacker's code within the vulnerable application context. This affects Archer Platform 6 installations before version 2024.04.

💻 Affected Systems

Products:
  • Archer Platform
Versions: All versions before 2024.04, except 6.14 P3 (6.14.0.3)
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access to exploit

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as victims, redirect to malicious sites, or compromise user accounts and data integrity.

🟠 Likely Case

Attackers with authenticated access could steal session tokens or credentials from other users, potentially leading to account takeover.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts would be neutralized before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access and knowledge of vulnerable endpoints

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2024.04 or 6.14.0.3

Vendor Advisory: https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963

Restart Required: Yes

Instructions:

1. Download Archer Platform 2024.04 or 6.14.0.3 from official sources.
2. Backup current installation and data.
3. Apply the update following Archer's upgrade documentation.
4. Restart Archer services.
5. Verify successful update.

🔧 Temporary Workarounds

Input Validation Enhancement (applies to: all)

Implement additional input validation and output encoding for user-supplied data in Archer custom applications

Content Security Policy (applies to: all)

Implement strict Content Security Policy headers to restrict script execution

🧯 If You Can't Patch

  • Restrict user permissions to minimize attack surface
  • Implement web application firewall rules to detect and block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Check Archer Platform version via Archer Control Panel or version files in installation directory

Check Version:

Check Archer Control Panel > About or examine version.txt in installation directory

Verify Fix Applied:

Verify version is 2024.04 or 6.14.0.3 and test XSS payloads in previously vulnerable fields

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTML/JavaScript patterns in user input logs
  • Multiple failed XSS attempts

Network Indicators:

  • Suspicious script tags in HTTP POST requests to Archer endpoints

SIEM Query:

source="archer" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")
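The SIEM query above evaluated offline over constructed sample log lines, as an added example that is not part of this advisory or of Archer's own tooling. It assumes a simple `source=<name> msg=<text>` log layout, and it additionally checks a lowercased, URL-decoded copy of each message, which the literal query does not.

```python
import re
from urllib.parse import unquote

# The four markers from the advisory's SIEM query.
MARKERS = ("<script>", "javascript:", "onerror=", "onload=")

# Constructed sample log lines in the assumed "source=<name> msg=<text>" layout.
SAMPLE_LOGS = [
    'source=archer msg=field=Description value="Quarterly risk review"',
    'source=archer msg=field=Description value="<script>document.title</script>"',
    'source=archer msg=field=Name value="%3Cscript%3Ealert(1)%3C/script%3E"',
    'source=archer msg=field=Name value="<IMG SRC=x ONERROR=alert(1)>"',
    'source=nginx msg=GET /index.html <script> in referrer',
]

LINE_RE = re.compile(r'^source=(?P<source>\S+)\s+msg=(?P<msg>.*)$')


def parse_line(line):
    """Split a line into (source, msg); None when it does not fit the layout."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return m.group("source"), m.group("msg")


def matches_query(line, decode=True):
    """True when the line satisfies: source="archer" AND any marker in msg.

    With decode=True the markers are also searched in a lowercased,
    URL-decoded copy of the message, so percent-encoded or upper-case
    variants are flagged; decode=False reproduces the literal query.
    """
    parsed = parse_line(line)
    if parsed is None:
        return False
    source, msg = parsed
    if source != "archer":
        return False
    candidates = [msg]
    if decode:
        candidates.append(unquote(msg).lower())
    return any(marker in c for marker in MARKERS for c in candidates)


def flag_lines(lines, decode=True):
    """Indices of the lines that match the query."""
    return [i for i, line in enumerate(lines) if matches_query(line, decode)]
```

Comparing `flag_lines(SAMPLE_LOGS)` with `flag_lines(SAMPLE_LOGS, decode=False)` shows which lines a raw, case-sensitive match would miss; a CSP (see the workarounds above) is the stronger control, since the query is only a hint, not a filter.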
