2 matches found
CVE-2023-25835 BUG-000153659 ArcGIS Enterprise Sites has a stored XSS vulnerability
There is a stored Cross‑Site Scripting XSS vulnerability in Esri Portal for ArcGIS Sites versions 11.1 and below that may allow a remote, authenticated attacker with high‑privileged access to create a crafted link that is persisted within the site configuration. When accessed by a victim, the...
CVE-2023-25835
Summary (CVE-2023-25835) : A stored Cross-Site Scripting (XSS) vulnerability affects Esri Portal for ArcGIS Enterprise Sites versions 10.8.1–11.1, where a remote, authenticated attacker with high privileges can craft a link stored in the site configuration that, when clicked by a victim, executes...