CVE-2022-38190
Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Produtos afetados
Esri · Portal for ArcGISQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →