CVE-2024-41707

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 25, 2024

Updated: Jul 30, 2024

CWE ID 79

Summary

CVE-2024-41707 is a vulnerability affecting Archer Platform versions prior to 2024.06. This issue allows authenticated users to inject malicious HTML content into the system. A malicious user, given access to the platform, could potentially exploit this vulnerability by storing harmful HTML code in a trusted data store. When victims access the data store through their web browsers, the malicious code gets executed, posing a potential security risk to the application and its users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Archer Integrated Risk Management

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xKo5R_
https://www.cve.org/CVERecord?id=CVE-2024-41707
https://nvd.nist.gov/vuln/detail/CVE-2024-41707

Back to Vulnerability Database

CVE-2024-41707

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations