exploitDog

GHSA-fxpp-6992-65m4

Опубликовано: 16 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.

There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.

Ссылки

EPSS

Процентиль: 36%

0.00154

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-74

CWE-79

Связанные уязвимости

CVE-2022-38191

CVSS3: 6.1

nvd

больше 3 лет назад

There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.

EPSS

Процентиль: 36%

0.00154

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-74

CWE-79