Описание
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.1 (включая)
cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.002
Низкий
6.1 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.
EPSS
Процентиль: 42%
0.002
Низкий
6.1 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79