CVE-2024-25692
BUG-000154722 - Cross-site request forgery (CSRF) issue in Portal for ArcGIS
There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Produtos afetados
Esri · Portal for ArcGISQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →