Vulnerabilities > Archerirm

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-49208 Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files.
network
high complexity
archerirm CWE-863
3.1
2024-10-22 CVE-2024-49209 Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files.
network
low complexity
archerirm CWE-863
4.3
2024-10-22 CVE-2024-49210 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09.
network
low complexity
archerirm CWE-79
6.1
2024-10-22 CVE-2024-49211 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08.
network
low complexity
archerirm CWE-79
6.1
2024-07-25 CVE-2024-41705 Cross-site Scripting vulnerability in Archerirm Archer
A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06.
network
low complexity
archerirm CWE-79
5.4
2024-07-25 CVE-2024-41706 Cross-site Scripting vulnerability in Archerirm Archer
A stored XSS issue was discovered in Archer Platform 6 before version 2024.06.
network
low complexity
archerirm CWE-79
5.4
2024-07-25 CVE-2024-41707 Cross-site Scripting vulnerability in Archerirm Archer
An issue was discovered in Archer Platform 6 before 2024.06.
network
low complexity
archerirm CWE-79
5.4
2023-12-12 CVE-2023-48641 Authorization Bypass Through User-Controlled Key vulnerability in Archerirm Archer
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability.
network
low complexity
archerirm CWE-639
8.8
2023-12-12 CVE-2023-48642 Cross-site Scripting vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated HTML content injection vulnerability.
network
low complexity
archerirm CWE-79
5.4
2023-10-17 CVE-2023-45357 Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability.
network
low complexity
archerirm CWE-668
6.5