CVE-2022-38197
CVE-2022-38197 affects Esri ArcGIS Server versions 10.9.1 and below, with an unvalidated redirect that could allow a remote, unauthenticated attacker to phish users to an attacker‑controlled site via a crafted query parameter. The issue stems from an unauthenticated redirection vulnerability; pre...