📦 Archer

A stored cross-site scripting (XSS) vulnerability in Archer Platform allows authenticated attackers to inject malicious scripts into application data stores. When other users access these stores throu...

A stored cross-site scripting (XSS) vulnerability in Archer Platform 6 allows authenticated attackers to inject malicious scripts into application data stores. When other users access the compromised ...

A stored cross-site scripting (XSS) vulnerability in Archer Platform 6 allows authenticated attackers to inject malicious HTML/JavaScript into the application's data store. When other users access the...

Archer Platform 6.x contains a stored cross-site scripting (XSS) vulnerability that allows authenticated malicious users to inject and store malicious HTML/JavaScript in the application's data store. ...

Archer Platform 6.x contains an insecure direct object reference vulnerability that allows authenticated malicious users in multi-instance installations to bypass authorization checks by manipulating ...

This stored cross-site scripting (XSS) vulnerability in Archer Platform allows authenticated attackers to inject malicious scripts into the application's data store. When other users access the compro...

This vulnerability in Archer Platform allows authenticated attackers to access sensitive information by crafting specific URLs. It affects Archer Platform versions before 6.13, specifically those not ...

This CSRF vulnerability in Archer Platform allows authenticated attackers to execute arbitrary code via crafted requests. It affects Archer Platform versions before 6.13, specifically those not update...

Archer Platform versions before 6.12 P6 HF1 contain a stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to inject malicious scripts into the application data store. W...

This vulnerability allows reflected cross-site scripting (XSS) in Archer Platform's iView List UX page. An unauthenticated attacker can trick a victim into visiting a malicious link containing JavaScr...

Archer Platform 2024.03 versions before 2024.08 have an authorization bypass vulnerability in supporting application files. This allows remote unprivileged attackers to elevate privileges and delete s...

This vulnerability allows authenticated Archer Platform users to inject malicious HTML content into the application's data store. When other users access this stored content through their browsers, th...

Archer Platform 6 contains a sensitive information disclosure vulnerability where authenticated attackers can access sensitive data through popup warning messages. This affects organizations using Arc...

This vulnerability in Archer Platform 6 allows unauthenticated attackers to bypass IP whitelisting controls when the X-Forwarded-For header is enabled. Attackers can potentially access restricted reso...