Filtered by vendor Esri
Subscriptions
Filtered by product Arcgis Enterprise
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3012 | 1 Esri | 1 Arcgis Enterprise | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in the Document Link of documents in ESRI Enterprise before 10.9 allows remote authenticated users to inject arbitrary JavaScript code via a malicious HTML attribute such as onerror (in the URL field of the Parameters tab). | ||||
| CVE-2021-29115 | 1 Esri | 1 Arcgis Enterprise | 2024-11-21 | 5.3 Medium |
| An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden field names in feature layers. This issue may reveal field names, but not not disclose features. | ||||
| CVE-2019-16193 | 1 Esri | 1 Arcgis Enterprise | 2024-11-21 | 5.4 Medium |
| In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY PROFILE feature. | ||||
Page 1 of 1.