2 matches found
CVE-2022-38190
The CVE-2022-38190 issue is a stored XSS in Esri Portal for ArcGIS Configurable Apps. A remote, unauthenticated attacker could inject and store malicious strings via crafted queries, which may execute arbitrary JavaScript in a user’s browser when accessed. No exploitation details are provided in ...
CVE-2022-38190 Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps
A stored Cross Site Scripting XSS vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser...