ESRI ArcGIS Online up to 10.8 onerror cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in ESRI ArcGIS Online up to 10.8. It has been classified as problematic. This affects an unknown code block of the component onerror Handler. Upgrading to version 10.9 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1112064404/08/2021VulD...price_0day$0-$5ksee documentation04/08/2021accepted90
1112064304/08/2021VulD...cvss3_meta_tempscore3.5see documentation04/08/2021accepted90
1112064204/08/2021VulD...cvss3_meta_basescore3.5see documentation04/08/2021accepted90
1112064104/08/2021VulD...cvss3_vuldb_tempscore3.504/08/2021accepted90
1112064004/08/2021VulD...cvss3_vuldb_basescore3.504/08/2021accepted90
1112063904/08/2021VulD...cvss2_vuldb_tempscore4.004/08/2021accepted90
1112063804/08/2021VulD...cvss2_vuldb_basescore4.004/08/2021accepted90
1112063704/08/2021VulD...cvss3_vuldb_eXderived from historical data04/08/2021accepted80
1112063604/08/2021VulD...cvss2_vuldb_eNDderived from historical data04/08/2021accepted80
1112063504/08/2021VulD...cvss2_vuldb_auSderived from historical data04/08/2021accepted80
1112063404/08/2021VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector04/08/2021accepted80
1112063304/08/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector04/08/2021accepted80
1112063204/08/2021VulD...cvss2_vuldb_aiNderived from vuldb v3 vector04/08/2021accepted80
1112063104/08/2021VulD...cvss2_vuldb_iiPderived from vuldb v3 vector04/08/2021accepted80
1112063004/08/2021VulD...cvss2_vuldb_ciNderived from vuldb v3 vector04/08/2021accepted80
1112062904/08/2021VulD...cvss2_vuldb_acLderived from vuldb v3 vector04/08/2021accepted80
1112062804/08/2021VulD...cvss2_vuldb_avNderived from vuldb v3 vector04/08/2021accepted80
1112062704/08/2021VulD...date1617832800 (04/08/2021)04/08/2021accepted90
1112062604/08/2021VulD...cveCVE-2021-3012mitre.org04/08/2021accepted90
1112062504/08/2021VulD...upgrade_version10.904/08/2021accepted90

Interested in the pricing of exploits?

See the underground prices here!