PT-2023-20337 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.7.1 through 10.9.1 Description: The issue allows a remote, unauthenticated attacker to create a crafted link which, when clicked, could potentially execute arbitrary JavaScript code in the victim’s browser...

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal for ArcGIS versions 10.8.1...

PT-2022-24281 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.7.1 through 10.8.1 Description: The issue is related to a reflected XSS vulnerability that could allow a remote, unauthenticated attacker to create a crafted link. When clicked, this link could potentially...

PT-2022-24284 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.7.1 through 10.8.1 Description: The issue is related to a reflected XSS vulnerability that may allow a remote, unauthenticated attacker to create a crafted link. When clicked, this link could execute arbitra...

CVE-2022-38200

A cross site scripting vulnerability exists in some map service configurations of ArcGIS Server versions 10.8.1 and 10.7.1. Specifically crafted web requests can execute arbitrary JavaScript in the context of the victim's browser...