Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2025/08/23 8:13 p.m.5 views

CVE-2025-55103

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.9AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/23 8:13 p.m.5 views

CVE-2025-55104

A stored cross-site scripting XSS vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute ...

4.8CVSS5AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.9 views

CVE-2025-55104

A stored cross-site scripting XSS vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute ...

4.8CVSS0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.5 views

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2025/08/21 8:15 p.m.3 views

CVE-2025-55104

A stored cross-site scripting XSS vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute ...

4.8CVSS5.6AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.7 views

CVE-2025-55107

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00209EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 8:15 p.m.7 views

CVE-2025-55103

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 7:29 p.m.6 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/21 7:29 p.m.4 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS7AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/21 7:29 p.m.4 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 7:29 p.m.6 views

CVE-2025-55105 BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/21 7:29 p.m.4 views

CVE-2025-55105 BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 7:28 p.m.10 views

CVE-2025-55104 BUG-000173918 - ArcGIS Enterprise Sites has a security vulnerability.

A stored cross-site scripting XSS vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute ...

4.8CVSS0.00173EPSS
Exploits0References1
CVE
CVE
added 2025/08/21 7:28 p.m.17 views

CVE-2025-55104

Summary (CVE-2025-55104): A stored XSS vulnerability affects ArcGIS HUB and ArcGIS Enterprise Sites. An authenticated user who can create or edit a site can store an XSS payload; when triggered, attacker-supplied JavaScript can execute in a victim’s browser. Public exploit details are not provide...

4.8CVSS4.8AI score0.00173EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/21 7:25 p.m.6 views

CVE-2025-55103 BUG-000177333 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.1 views

Esri Portal for ArcGIS Enterprise Sites 跨站脚本漏洞

Esri Portal for ArcGIS Enterprise Sites is a geographic information portal publishing software from Esri, Inc. A cross-site scripting vulnerability exists in Esri Portal for ArcGIS Enterprise Sites, which stems from a stored cross-site scripting vulnerability that could lead to the execution of...

4.8CVSS6AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.2 views

Esri Portal for ArcGIS Enterprise Sites 跨站脚本漏洞

esri Portal for ArcGIS Enterprise Sites is an enterprise-level geographic information sharing platform from ESRI that allows users within an organization to view, edit, and share geographic information through the portal. A cross-site scripting vulnerability exists in esri Portal for ArcGIS...

4.8CVSS6.3AI score0.00207EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.5 views

PT-2025-34279 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS Enterprise Sites that may allow a remote, authenticated attacker to inject a malicious file...

4.8CVSS5.8AI score0.00207EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34283 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS Enterprise Sites that may allow a remote, authenticated attacker to inject a malicious file...

4.8CVSS5.5AI score0.00209EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34281 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists that may allow a remote, authenticated attacker to inject a malicious file containing an XSS script. When loaded, thi...

4.8CVSS6.2AI score0.00207EPSS
Exploits0References5
Rows per page
Query Builder