Lucene search
K

7 matches found

CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.6 views

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

4.8CVSS6.3AI score0.00245EPSS
Exploits0References3
OSV
OSV
added 2022/12/29 8:15 p.m.3 views

CVE-2022-38205

In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to the disclosure of sensitive data not customer-published content...

7.5CVSS5.8AI score0.01521EPSS
Exploits0References1
OSV
OSV
added 2022/12/29 8:15 p.m.4 views

CVE-2022-38209

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could execute arbitrary JavaScript code in the victim’s browser...

6.1CVSS6AI score0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/29 12:0 a.m.5 views

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A security vulnerability exists in Esri Portal for ArcGIS version 10.9.1 and earlier,...

6.1CVSS6.5AI score0.00494EPSS
Exploits0References2
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-38198

There is a reflected cross site scripting issue in the Esri ArcGIS Server services directory versions 10.9.1 and below that may allow a remote, unauthenticated attacker to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser...

6.1CVSS5.6AI score0.00524EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.5 views

PT-2022-24275 · Esri · Esri Arcgis Server

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Server services directory versions 10.9.1 and below Description: The issue is a reflected cross site scripting problem that may allow a remote, unauthenticated attacker to convince a user to click on a crafted link, potentially...

6.1CVSS6.1AI score0.00524EPSS
Exploits0References3
Rows per page
Query Builder