CVE-2023-25833 in Portal for ArcGISthông tin

Tóm tắt

Bởi MITRE • 10/05/2023

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser (no stateful change made or customer data rendered).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Đặt trước

15/02/2023

Tiết lộ

10/05/2023

Kiểm duyệt

được chấp nhận

EPSS

0.00443

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!