CVE-2023-25836
EUVD-2023-2972421.07.2023, 04:15
There is a Cross-site Scripting vulnerability in Esri Portal for ArcGIS Sites in versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute this attack are low.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| esri | portal_for_arcgis | 10.8.1 ≤ 𝑥 ≤ 10.9 |
𝑥
= Vulnerable software versions