Esri

Portal For Arcgis

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-57879

  • EPSS 0.03%
  • Veröffentlicht 29.09.2025 19:15:37
  • Zuletzt bearbeitet 17.10.2025 14:15:25

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

6.1

CVE-2025-57878

  • EPSS 0.03%
  • Veröffentlicht 29.09.2025 19:15:37
  • Zuletzt bearbeitet 17.10.2025 14:15:18

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

6.1

CVE-2025-57872

  • EPSS 0.03%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:14:32

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

4.8

CVE-2025-57873

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:14:40

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the...

4.8

CVE-2025-57874

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:14:46

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the...

4.8

CVE-2025-57875

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:14:55

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the...

4.8

CVE-2025-57876

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:15:05

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitra...

4.8

CVE-2025-57877

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:36
  • Zuletzt bearbeitet 17.10.2025 14:15:14

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the...

4.8

CVE-2025-57871

  • EPSS 0.02%
  • Veröffentlicht 29.09.2025 19:15:35
  • Zuletzt bearbeitet 17.10.2025 14:08:29

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the...

4.8

CVE-2025-55107

  • EPSS 0.03%
  • Veröffentlicht 21.08.2025 19:29:59
  • Zuletzt bearbeitet 05.09.2025 15:11:57

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded coul...