CVE-2021-3012
The CVE-2021-3012 entry concerns a cross-site scripting (XSS) vulnerability in Esri ArcGIS Enterprise/Server prior to version 10.9. The flaw arises in the Document Link of documents, where remote authenticated users can inject arbitrary JavaScript by exploiting a malicious HTML attribute (e.g., o...