Every CVE whose affected-product data names Archerirm Archer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2024-34092 — CVSS 8.8 (high): An issue was discovered in Archer Platform 6 before 2024.04. Authentication was mishandled because lock did not terminate an existing…
CVE-2023-45358 — CVSS 8.5 (high): Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated…
CVE-2023-32761 — CVSS 8.1 (high): Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an…
CVE-2023-32760 — CVSS 7.7 (high): An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information…
CVE-2023-48641 — CVSS 7.5 (high): Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious…
CVE-2023-32759 — CVSS 7.5 (high): An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information…
CVE-2024-34089 — CVSS 7.3 (high): An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote…
CVE-2024-41706 — CVSS 7.3 (high): A stored XSS issue was discovered in Archer Platform 6 before version 2024.06. A remote authenticated malicious Archer user could…
CVE-2024-34091 — CVSS 7.3 (high): An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. A remote…
CVE-2024-34090 — CVSS 7.3 (high): An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting (XSS) vulnerability. The login banner…
CVE-2024-26313 — CVSS 7.3 (high): Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated…
CVE-2023-30639 — CVSS 7.1 (high): Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could…
CVE-2024-41705 — CVSS 7.1 (high): A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06. A remote authenticated malicious Archer user could potentially…
CVE-2024-49209 — CVSS 6.5 (medium): Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application…
CVE-2023-37224 — CVSS 6.0 (medium): An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information…
CVE-2024-49208 — CVSS 5.9 (medium): Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application…
CVE-2024-26311 — CVSS 5.7 (medium): Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user…
CVE-2023-37223 — CVSS 5.4 (medium): Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote…
CVE-2023-48642 — CVSS 5.4 (medium): Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated HTML content injection vulnerability. A remote authenticated…
CVE-2024-34093 — CVSS 5.3 (medium): An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated…
CVE-2024-26309 — CVSS 5.3 (medium): Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disclosure vulnerability. An unauthenticated attacker…
CVE-2024-49211 — CVSS 5.2 (medium): Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08. A remote…
CVE-2024-49210 — CVSS 5.2 (medium): Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote…
CVE-2024-41707 — CVSS 4.8 (medium): An issue was discovered in Archer Platform 6 before 2024.06. Authenticated users can achieve HTML content injection. A remote authenticated…
CVE-2024-26312 — CVSS 4.3 (medium): Archer Platform 6 before 2024.03 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially…
CVE-2024-26310 — CVSS 4.3 (medium): Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user…
CVE-2023-45357 — CVSS 4.3 (medium): Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability. An authenticated attacker…
CVE-2025-27893 — CVSS 1.8 (low): In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such…