EUVD-2025-5510

Malicious code in bioql PyPI...

EUVD-2025-27596

Malicious code in bioql PyPI...

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

CVE-2025-55105

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

CVE-2025-55107

Vulnerability : CVE-2025-55107 affects Esri Portal for ArcGIS Enterprise Sites (versions 10.9.1–11.4). Issue : Stored Cross-Site Scripting allows a remote, authenticated attacker to inject a file containing an XSS script; when loaded, the script could execute arbitrary JavaScript in the victim’s ...

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

CVE-2025-55105

Summary of CVE-2025-55105 : A stored Cross-site Scripting flaw exists in Esri Portal for ArcGIS Enterprise Sites (versions 10.9.1–11.4). According to the connected documents, an authenticated attacker can inject a malicious file containing XSS code, which when loaded may execute arbitrary JavaScr...

PT-2025-34282 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists that may allow a remote, authenticated attacker to inject a malicious file containing an XSS script. When loaded, thi...

CVE-2023-30469

Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view component allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00...

Esri ArcGIS Server 跨站脚本漏洞

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3 that stems from the application's lack of effective filtering and escaping of user-supplied dat...

CVE-2024-25708

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.9.1 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s...

MobiSystems Office Suite Premium 路径遍历漏洞

MobiSystems Office Suite Premium is an office software suite from MobiSystems, Inc. A security vulnerability exists in MobiSystems Office Suite Premium version 10.9.1.42602, which stems from a Local File Inclusion LFI vulnerability in the component assembly /etc/hosts...

CVE-2023-30469

Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view component allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00...

Hitachi Ops Center Analyzer 跨站脚本漏洞

Hitachi Ops Center Analyzer is a data center management software from Hitachi, Japan. It monitors, reports, and correlates end-to-end performance from servers to storage. A security vulnerability exists in Hitachi Ops Center Analyzer versions 10.9.1-00 through 10.9.2-00, which stems from the...

CVE-2023-25831

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser...

PT-2023-20340 · Esri · Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Portal for ArcGIS versions 10.9.1 and below Description: Changes to user permissions in Portal for ArcGIS are incompletely applied in specific use cases, potentially allowing users to access content they are no longer privileged to access...

CVE-2022-38211

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.9.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

PT-2022-24283 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.9.1 and below Description: The issue is a reflected XSS vulnerability that may allow a remote, unauthenticated attacker to create a crafted link. When clicked, this link could execute arbitrary JavaScript co...

Esri Portal for ArcGIS 路径遍历漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A security vulnerability exists in Esri Portal for ArcGIS versions 10.9.1 and earlier,...

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal for ArcGIS 10.9.1 and prior...