4 matches found
CVE-2024-51957
CVE-2024-51957 is a Stored XSS vulnerability in Esri ArcGIS Server versions 10.9.1 through 11.3. An authenticated attacker with publisher capabilities can create a specially crafted link that, when clicked by a victim, may execute arbitrary JavaScript in the browser. Impact is described as low to...
CVE-2024-51944 Stored XSS in Rest Services Directory
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...
PT-2023-18177 · Axis · Axis Os
Name of the Vulnerable Software and Affected Versions: AXIS OS versions 11.0.X through 11.3.x Description: The issue concerns the use of a static RSA key in legacy LUA-components to protect Axis-specific source code. This static RSA key is not utilized in any other secure communication and cannot...
Security Bulletin: Multiple IBM InfoSphere Information Server components are affected by a vulnerability in the XML4C parser (CVE-2014-8901)
Summary Multiple components of IBM InfoSphere Information Server may be affected by a denial of service attack triggered by a specially crafted XML document being parsed by the XML4C parser. Vulnerability Details CVEID: CVE-2014-8901 DESCRIPTION: IBM XML4J and XML4C contains a denial of service...