There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated malicious user to inject HTML into some locations in the home application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
esri portal for arcgis |