2 matches found
Esri ArcGIS Server Cross-Site Scripting Vulnerability (CNVD-2025-05072)
Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A security vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create specially crafted links that, when clicked, may execute...
CVE-2024-51958
There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or...