How severe is CVE-2024-26311?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.7 out of 10.

What type of vulnerability is CVE-2024-26311?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2024-26311 - MEDIUM Severity | CVSS 5.7

Vulnerability Description

Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then reflected to the victim and gets executed by the web browser in the context of the vulnerable web application.

Related Vulnerabilities

CVE-2017-9546

MEDIUM

CVSS:5.7(Medium)

admin.php in BigTree through 4.2.18 allows remote authenticated users to cause a denial of service (inability to save revisions) via XSS sequences in a revision name.

CWE-792017

CVE-2019-0949

MEDIUM

CVSS:5.7(Medium)

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnera...

CWE-792019

CVE-2019-0950

MEDIUM

CVSS:5.7(Medium)

CWE-792019

CVE-2019-3418

MEDIUM

CVSS:5.7(Medium)

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability...

CWE-792019

CVE-2021-3988

MEDIUM

CVSS:5.7(Medium)

A Cross-site Scripting (XSS) vulnerability exists in janeczku/calibre-web, specifically in the file `edit_books.js`. The vulnerability occurs when editing book properties, such as uploading a cover or...

CWE-792021

CVE-2021-41101

MEDIUM

CVSS:5.7(Medium)

wire-server is an open-source back end for Wire, a secure collaboration platform. Before version 2.106.0, the CORS ` Access-Control-Allow-Origin ` header set by `nginz` is set for all subdomains of `....

CWE-792021