Medium severity6.3NVD Advisory· Published Mar 30, 2022· Updated Jun 17, 2026
CVE-2022-26947
CVE-2022-26947
Description
Archer 6.x through 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and gets executed by the web browser in the context of the vulnerable web application.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.