CVE-2020-5334

Name of the Vulnerable Software and Affected Versions RSA Archer versions prior to 6.7 P2 (6.7.0.2)

Description The issue is related to a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.

Recommendations For versions prior to 6.7 P2 (6.7.0.2), update to version 6.7 P2 (6.7.0.2) or later to resolve the issue. As a temporary workaround, consider restricting user input to prevent the supply of malicious HTML or JavaScript code to the DOM environment.