Lucene search
+L

4 matches found

NVD
NVD
added 2024/04/04 6:15 p.m.14 views

CVE-2024-25696

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

4.8CVSS5.4AI score0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 5:53 p.m.10 views

CVE-2024-25696 Stored XSS in Portal for ArcGIS

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

4.8CVSS5.4AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 5:53 p.m.92 views

CVE-2024-25696

CVE-2024-25696 is a cross-site scripting vulnerability in Esri Portal for ArcGIS affecting versions 11.0 and earlier. An attacker with remote access and high privileges (authenticated) can construct a link that causes the page editor to render an image in the victim’s browser, implying a stored/r...

4.8CVSS5.4AI score0.00373EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/04 5:53 p.m.22 views

CVE-2024-25696 Stored XSS in Portal for ArcGIS

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

4.8CVSS5.3AI score0.00373EPSS
Exploits0References1
Rows per page
Query Builder