Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38188PUBLISHED: 2022-08-15There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser.
CVE-2022-38190PUBLISHED: 2022-08-15
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the userââ&...
CVE-2022-38191PUBLISHED: 2022-08-15There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.
CVE-2022-35822PUBLISHED: 2022-08-15Windows Defender Credential Guard Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-34709.
CVE-2022-38186PUBLISHED: 2022-08-15
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’...
User Rank: Strategist
5/4/2018 | 10:10:26 AM