CVE-2022-38190

A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*

Information

Published : 2022-08-15 14:15

Updated : 2022-08-16 10:17


NVD link : CVE-2022-38190

Mitre link : CVE-2022-38190


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

esri

  • portal_for_arcgis