There is as reflected cross site scripting issue in Esri ArcGIS Server versions 10.9.1 and below which may allow a remote unauthorized attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
esri arcgis server |