CVE-2017-14371

Name of the Vulnerable Software and Affected Versions RSA Archer GRC Platform versions prior to 6.2.0.5

Description The issue is related to reflected cross-site scripting via the request URL. Attackers could potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application.

Recommendations For versions prior to 6.2.0.5, update to version 6.2.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features of the RSA Archer GRC Platform to minimize the risk of exploitation.