CVE-2023-48642
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Dec 12, 2023
Updated: Dec 14, 2023
CWE ID 79
Summary
CVE-2023-48642 is a vulnerability affecting Archer Platform versions 6.x before 6.13 P2 (6.13.0.2). This issue involves an authenticated HTML content injection vulnerability, which allows a remote, malicious user with Archer Platform access to inject malicious HTML code into a trusted data store. When users access this data store through their web browsers, the malicious code gets executed, potentially causing security risks. Archer Platform's versions 6.14 (6.14.0) and later have been released as fixes for this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Archer Integrated Risk Management