CVE-2025-27893 Information

Description

In Archer Platform 6 through 6.14.00202.10024 an authenticated user with record creation privileges can manipulate immutable fields such as the creation date by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. This enables unauthorized modification of system-generated metadata compromising data integrity and potentially impacting auditing compliance and security controls.

Reference

https://archerirm.com https://github.com/NastyCrow/CVE-2025-27893 https://github.com/NastyCrow/CVE-2025-27893