A stored Cross Site Scripting (XSS) vulnerability in Esri...
Moderate severity
Unreviewed
Published
Aug 17, 2022
to the GitHub Advisory Database
•
Updated Jan 29, 2023
Description
Published by the National Vulnerability Database
Aug 16, 2022
Published to the GitHub Advisory Database
Aug 17, 2022
Last updated
Jan 29, 2023
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.
References