exploitDog

GHSA-rwq8-4chg-7w5w

Опубликовано: 26 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 5

Описание

There is a Cross Site Scripting issue in Esri ArcGIS Pro versions 3.6.0 and earlier. A local attacker could supply malicious strings into ArcGIS Pro which may execute when a specific dialog is opened. This issue is fixed in ArcGIS Pro 3.6.1.

There is a Cross Site Scripting issue in Esri ArcGIS Pro versions 3.6.0 and earlier. A local attacker could supply malicious strings into ArcGIS Pro which may execute when a specific dialog is opened. This issue is fixed in ArcGIS Pro 3.6.1.

Ссылки

EPSS

Процентиль: 0%

0.00006

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2026-1446

CVSS3: 5

nvd

12 дней назад

There is a Cross Site Scripting issue in Esri ArcGIS Pro versions 3.6.0 and earlier. A local attacker could supply malicious strings into ArcGIS Pro which may execute when a specific dialog is opened. This issue is fixed in ArcGIS Pro 3.6.1.

EPSS

Процентиль: 0%

0.00006

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-79