RSA Archer is an enterprise IT governance and compliance governance product from RSA UK.A cross-site scripting vulnerability exists in Archer versions 6.x (inclusive) through 6.10 (inclusive), which stems from the lack of proper validation of client-side data by WEB applications. A remote attacker could exploit this vulnerability by tricking a user into serving malicious HTML or JavaScript code to a vulnerable Web application.