Portal For Arcgis Security Vulnerabilities and Issues — Page 2 of Portal For Arcgis CVE List

Lucene search

EsriPortal For Arcgis

55 matches found

CVE•added 2021/10/01 3:15 p.m.•38 views

CVE-2021-29110

Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application.

5.4CVSS5.4AI score0.00257EPSS

CVE•added 2021/10/01 3:15 p.m.•36 views

CVE-2021-29108

There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to intercept and modify a SAML assertion to impersonate another account (XML Signature Wrapping Attack). In ad...

8.8CVSS8.8AI score0.00292EPSS

CVE•added 2024/10/04 6:15 p.m.•36 views

CVE-2024-8149

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and 11.2 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

6.1CVSS5.4AI score0.00089EPSS

CVE•added 2023/05/09 5:15 p.m.•34 views

CVE-2023-25829

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

6.1CVSS6.3AI score0.00422EPSS

CVE•added 2023/05/09 4:15 p.m.•28 views

CVE-2023-25834

Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access.

5.4CVSS5.4AI score0.00111EPSS

Total number of security vulnerabilities55