Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path.
RSA Archer GRC versions prior to 5.3 and 5.2SP1 suffer from path traversal, cross site scripting, cross-domain policy, and clickjacking vulnerabilities.