Lucene search
+L

4 matches found

NVD
NVD
added 2024/04/04 6:15 p.m.17 views

CVE-2024-25700

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary...

4.8CVSS9.4AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 5:55 p.m.90 views

CVE-2024-25700

The CVE concerns Esri Portal for ArcGIS Enterprise Web App Builder (versions 11.1 and below). A stored Cross-site Scripting (XSS) condition can arise when an attacker with high privileges creates a crafted link stored in a web map; when clicked, it could execute arbitrary JavaScript in the victim...

4.8CVSS5.6AI score0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/04 5:55 p.m.19 views

CVE-2024-25700 Persistent XSS in URL added to a shared map

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary...

4.8CVSS0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 5:55 p.m.6 views

CVE-2024-25700 Persistent XSS in URL added to a shared map

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary...

4.8CVSS5.3AI score0.00373EPSS
Exploits0References1
Rows per page
Query Builder