CVE-2023-37223
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Jul 14, 2023
Updated: Jul 26, 2023
CWE ID 79
Summary
CVE-2023-37223 is a Cross-Site Scripting (XSS) vulnerability affecting the Archer Platform before versions 6.12.0.6 and 6.13. A successful attack exploiting this issue allows a remote, authenticated attacker to inject and execute arbitrary code on affected systems. This can lead to unauthorized actions, data theft, or session hijacking. The vulnerability was addressed in versions 6.12.0.6 and 6.13.0 of the Archer Platform.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Archer Integrated Risk Management