Arcgis Server Security Vulnerabilities and Issues — Arcgis Server CVE List

Lucene search

EsriArcgis Server

4 matches found

CVE•added 2013/12/30 4:53 a.m.•40 views

CVE-2013-7231

Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222.

3.5CVSS5.4AI score0.00172EPSS

CVE•added 2013/09/24 10:35 a.m.•39 views

CVE-2013-5221

The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated users to upload .exe files by leveraging (1) publisher or (2) administrator privileges.

3.5CVSS6.6AI score0.00131EPSS

CVE•added 2013/12/30 4:53 a.m.•36 views

CVE-2013-5222

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5CVSS5.4AI score0.00172EPSS

CVE•added 2023/07/21 7:15 p.m.•35 views

CVE-2023-25840

There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this att...

3.4CVSS3.9AI score0.00176EPSS