Medium severity6.5NVD Advisory· Published Mar 30, 2022· Updated Jun 17, 2026
CVE-2022-26951
CVE-2022-26951
Description
Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and gets executed by the web browser in the context of the vulnerable web application.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.