CVE-2023-25833 in Portal for ArcGISИнформация

Сводка

по MITRE • 10.05.2023

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser (no stateful change made or customer data rendered).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Резервировать

15.02.2023

Раскрытие

10.05.2023

Модерация

принято

Вход

VDB-228539

EPSS

0.00443

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!