There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated malicious user to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
esri portal for arcgis 10.9.1 |
||
esri portal for arcgis 11.0 |