Описание
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:esri:portal_for_arcgis:-:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.002
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.
EPSS
Процентиль: 42%
0.002
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79