Archerirm Archer
28 CVEs affecting Archerirm Archer. Latest disclosed: 2025-03-11. Critical: 0, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-34092 | High | 8.8 | 2024-05-06 | An issue was discovered in Archer Platform 6 before 2024.04. Authentication was mishandled because lock did not terminate an existing session. 6.14 P3 (6.14.0… |
CVE-2023-45358 | High | 8.5 | 2023-10-17 | Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user co… |
CVE-2023-32761 | High | 8.1 | 2023-07-14 | Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execu… |
CVE-2023-32760 | High | 7.7 | 2023-07-14 | An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls relat… |
CVE-2023-48641 | High | 7.5 | 2023-12-12 | Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-inst… |
CVE-2023-32759 | High | 7.5 | 2023-07-14 | An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL. |
CVE-2024-41706 | High | 7.3 | 2024-07-25 | A stored XSS issue was discovered in Archer Platform 6 before version 2024.06. A remote authenticated malicious Archer user could potentially exploit this to s… |
CVE-2024-34091 | High | 7.3 | 2024-05-06 | An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Arche… |
CVE-2024-34090 | High | 7.3 | 2024-05-06 | An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner in the Archer Control… |
CVE-2024-34089 | High | 7.3 | 2024-05-06 | An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Arche… |
CVE-2024-26313 | High | 7.3 | 2024-03-08 | Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user co… |
CVE-2024-41705 | High | 7.1 | 2024-07-25 | A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store m… |
CVE-2023-30639 | High | 7.1 | 2023-05-01 | Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit… |
CVE-2024-49209 | Medium | 6.5 | 2024-10-22 | Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files. A remote unpri… |
CVE-2023-37224 | Medium | 6.0 | 2023-07-14 | An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files. |
CVE-2024-49208 | Medium | 5.9 | 2024-10-22 | Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files. A remote unprivile… |
CVE-2024-26311 | Medium | 5.7 | 2024-02-21 | Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially expl… |
CVE-2023-48642 | Medium | 5.4 | 2023-12-12 | Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated HTML content injection vulnerability. A remote authenticated malicious Archer user coul… |
CVE-2023-37223 | Medium | 5.4 | 2023-07-14 | Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote authenticated attacker to execut… |
CVE-2024-34093 | Medium | 5.3 | 2024-05-06 | An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attacker could potenti… |