CVE-2022-38195
25.10.2022, 17:15
There is as reflected cross site scripting issue in Esri ArcGIS Server versions 10.9.1 and below which may allow a remote unauthorized attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victims browser.
| Vendor | Product | Version |
|---|---|---|
| esri | arcgis_server | 𝑥 ≤ 10.9.1 |
𝑥
= Vulnerable software versions