CVE-2024-49211

Name of the Vulnerable Software and Affected Versions Archer Platform versions 6.x before 2024.08

Description A Reflected XSS issue was discovered in the Dashboard Listing Archer Platform UX page. This could allow a remote unauthenticated attacker to trick a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application. The malicious code is then reflected back to the victim and executed by the web browser in the context of the vulnerable web application.

Recommendations For Archer Platform versions 6.x before 2024.08, update to version 2024.08 or later to resolve the issue. As a temporary workaround, consider restricting access to the Dashboard Listing Archer Platform UX page to minimize the risk of exploitation. Avoid using the vulnerable page until the issue is resolved.