3 matches found
CVE-2024-25690 HTML injection in ArcGIS Web AppBuilder
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser...
CVE-2024-25690 HTML injection in ArcGIS Web AppBuilder
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser...
CVE-2024-25690
CVE-2024-25690 describes an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below. An unauthenticated remote attacker could craft a link that, when clicked by a victim, renders arbitrary HTML in the browser. The description notes a network attack with user interaction req...