CVE-2017-14370

Summary

RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Source Asset ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application.

Affected Software

VendorProductVersion RangeStatus
n/aRSA Archer GRC Platform versions prior to 6.2.0.5RSA Archer GRC Platform versions prior to 6.2.0.5affected

Weaknesses

  • Stored Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References