Vulnerabilities > Archerirm > Archer > 6.12.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2023-48641 Authorization Bypass Through User-Controlled Key vulnerability in Archerirm Archer
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability.
network
low complexity
archerirm CWE-639
8.8
8.8
2023-12-12 CVE-2023-48642 Cross-site Scripting vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated HTML content injection vulnerability.
network
low complexity
archerirm CWE-79
5.4
5.4
2023-10-17 CVE-2023-45357 Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability.
network
low complexity
archerirm CWE-668
6.5
6.5
2023-10-17 CVE-2023-45358 Cross-site Scripting vulnerability in Archerirm Archer
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability.
network
low complexity
archerirm CWE-79
5.4
5.4