CVE-2023-45358: XSS
First published: Tue Oct 17 2023(Updated: )
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. 6.14 (6.14.0) is also a fixed release.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RSA Archer | >=6.0<6.13.0.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-45358?
CVE-2023-45358 is a stored cross-site scripting (XSS) vulnerability in Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2).
What is the severity of CVE-2023-45358?
CVE-2023-45358 has a severity rating of 8.5 (high).
How does CVE-2023-45358 affect Archer Platform?
CVE-2023-45358 affects Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) by allowing a remote authenticated malicious user to store malicious HTML or JavaScript code in a trusted application data store.
How can CVE-2023-45358 be exploited?
CVE-2023-45358 can be exploited by a remote authenticated malicious Archer user.
Is there a fix for CVE-2023-45358?
Yes, a fix for CVE-2023-45358 is available in Archer Platform 6.13 P2 HF2 (6.13.0.2.2) and later versions.
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/archerirm
- canonical/rsa archer
- version/rsa archer/6.0