Vulnerabilities > RSA > Archer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-04 | CVE-2020-5334 | Cross-site Scripting vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. | 6.1 |
| 2020-05-04 | CVE-2020-5333 | Incorrect Authorization vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. | 4.3 |
| 2020-05-04 | CVE-2020-5331 | Information Exposure vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. | 5.5 |
| 2019-09-18 | CVE-2019-3756 | Information Exposure vulnerability in RSA Archer RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. | 6.5 |
| 2018-08-24 | CVE-2018-11065 | SQL Injection vulnerability in RSA Archer 6.1.0.0 The WorkPoint component, which is embedded in all RSA Archer, versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1, contains a SQL injection vulnerability. | 4.3 |
| 2018-07-24 | CVE-2018-11059 | Cross-site Scripting vulnerability in RSA Archer 6.1.0.0/6.4.0.0 RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. | 5.4 |