Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16 matches found

Positive Technologies
Positive Technologiesadded 2025/09/29 12:0 a.m.4 views

PT-2025-39863

Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions 11.4 and below Description A stored Cross-site Scripting issue exists in Esri Portal for ArcGIS. A remote, authenticated attacker can inject a malicious file containing an XSS script. When loaded, this script...

4.8CVSS5.7AI score0.00207EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/08/23 8:13 p.m.4 views

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.9AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/23 8:13 p.m.6 views

CVE-2025-55107

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.9AI score0.00209EPSS
Exploits0References1
NVD
NVDadded 2025/08/21 8:15 p.m.4 views

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
NVD
NVDadded 2025/08/21 8:15 p.m.7 views

CVE-2025-55107

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/21 7:29 p.m.6 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/21 7:29 p.m.4 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS7AI score0.00209EPSS
Exploits0References1
CVE
CVEadded 2025/08/21 7:29 p.m.22 views

CVE-2025-55106

CVE-2025-55106 concerns Esri Portal for ArcGIS Enterprise Sites, affected versions 10.9.1–11.4. A stored cross-site scripting vulnerability exists where an authenticated user can inject a malicious file containing an XSS script; when the file is loaded, it may execute arbitrary JavaScript in the ...

4.8CVSS6.3AI score0.00207EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/08/21 7:29 p.m.4 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/21 7:29 p.m.7 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS0.00207EPSS
Exploits0References1
CVE
CVEadded 2025/08/21 7:29 p.m.20 views

CVE-2025-55105

Summary of CVE-2025-55105 : A stored Cross-site Scripting flaw exists in Esri Portal for ArcGIS Enterprise Sites (versions 10.9.1–11.4). According to the connected documents, an authenticated attacker can inject a malicious file containing XSS code, which when loaded may execute arbitrary JavaScr...

4.8CVSS6.3AI score0.00207EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/08/21 7:29 p.m.4 views

CVE-2025-55105 BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.8AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/21 7:25 p.m.2 views

CVE-2025-55103 BUG-000177333 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.2AI score0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/08/21 12:0 a.m.6 views

PT-2025-34282 · Esri · Esri Portal For Arcgis Enterprise Sites

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists that may allow a remote, authenticated attacker to inject a malicious file containing an XSS script. When loaded, thi...

4.8CVSS5.8AI score0.00207EPSS
Exploits0References5
NVD
NVDadded 2024/10/04 6:15 p.m.14 views

CVE-2024-25694

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the Layer Showcase application configuration which when clicked could potentially execute...

4.8CVSS0.00268EPSS
Exploits0References1
CVE
CVEadded 2024/10/04 5:17 p.m.62 views

CVE-2024-25701

CVE-2024-25701 is a stored XSS vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder, affecting versions 10.8.1–11.1 (per connected sources). An authenticated, remote attacker can craft a link stored in the Experience Builder Embed widget, which when loaded may execute arbitrary J...

4.8CVSS5.5AI score0.00266EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder