Описание
There is a cross site scripting vulnerability in the Esri Portal for ArcGIS Experience Builder 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are low.
Уязвимые конфигурации
Одновременно
Одно из
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
There is a cross site scripting vulnerability in the Esri Portal for ArcGIS Experience Builder 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are low.
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3