CVE-2015-4541

RSA Archer GRC 5.x < 5.5.3 - Authenticated Cross-Site Scripting

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html

Third Party Advisory mailing-list x_refsource_bugtraq

http://seclists.org/bugtraq/2015/Sep/105

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1033649

Scores

EPSS 0.0034

EPSS Percentile 56.5%

Details

CWE

CWE-79

Status published

Products (3)

emc/rsa_archer_grc 5.5.0

emc/rsa_archer_grc 5.5.1

emc/rsa_archer_grc 5.5.2

Published Sep 26, 2015

Tracked Since Feb 18, 2026