Описание
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.1 (включая)
cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00491
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser
EPSS
Процентиль: 65%
0.00491
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79