Portal For Arcgis Security Vulnerabilities and Issues — Portal For Arcgis CVE List

Lucene search

EsriPortal For Arcgis

3 matches found

CVE•added 2021/10/01 3:15 p.m.•41 views

CVE-2021-29109

A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser.

6.1CVSS6.2AI score0.00286EPSS

CVE•added 2021/10/01 3:15 p.m.•38 views

CVE-2021-29110

Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application.

5.4CVSS5.4AI score0.00257EPSS

CVE•added 2021/10/01 3:15 p.m.•36 views

CVE-2021-29108

There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to intercept and modify a SAML assertion to impersonate another account (XML Signature Wrapping Attack). In ad...

8.8CVSS8.8AI score0.00292EPSS