Lucene search
PRIOn knowledge basePRION:CVE-2023-25836HistoryJul 21, 2023 - 4:15 a.m.
Cross site scripting
2023-07-2104:15:00
PRIOn knowledge base
www.prio-n.com
3
cross-site scripting
esri portal sites
vulnerability
remote attacker
authenticated
crafted link
arbitrary javascript
low privileges
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute this attack are low.
| CPE | Name | Operator | Version |
|---|---|---|---|
| portal_for_arcgis | ge | 10.8.1 | |
| portal_for_arcgis | le | 10.9 |
Related
nvd
nvd
CVE-2023-25836
2023-07-21 04:15:11
cve
cve
CVE-2023-25836
2023-07-21 04:15:11
cvelist
cvelist
CVE-2023-25836 BUG-000135364 XSS in 10.8.1 sites builder iframe source
2023-07-21 03:41:09