📦 Portal For Arcgis
by Esri
🔍 What is Portal For Arcgis?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A hardcoded credential vulnerability in Esri Portal for ArcGIS versions 11.4 and below allows remote unauthenticated attackers to gain administrative access. This affects systems deployed in a specifi...
This path traversal vulnerability in Esri Portal for ArcGIS allows authenticated attackers to access files outside intended directories, potentially leading to sensitive data exposure or remote code e...
A local file inclusion vulnerability in Esri Portal for ArcGIS allows remote unauthenticated attackers to craft URLs that read internal files, potentially exposing sensitive configuration data. This a...
An improper authentication vulnerability in Esri Portal for ArcGIS and ArcGIS Enterprise allows authenticated low-privileged attackers to bypass authorization boundaries and gain unauthorized access. ...
A stored cross-site scripting vulnerability in Esri ArcGIS Enterprise Sites allows authenticated high-privileged attackers to inject malicious JavaScript into links. When victims click these crafted l...
A stored XSS vulnerability in Esri Portal for ArcGIS Sites allows authenticated high-privilege attackers to inject malicious JavaScript into site configurations. When victims access compromised links,...
This cross-site request forgery (CSRF) vulnerability in Esri Portal for ArcGIS allows attackers to trick authenticated users into performing unintended actions on the portal. It affects versions 11.0 ...
An unvalidated redirect vulnerability in Esri Portal for ArcGIS allows attackers to craft malicious URLs that redirect users to arbitrary websites. This can facilitate phishing attacks by making malic...
This vulnerability allows remote attackers to create malicious URLs that redirect users to arbitrary websites without validation. It affects unauthenticated users of Esri Portal for ArcGIS versions 11...
This CVE describes an unvalidated redirect vulnerability in Esri Portal for ArcGIS that allows attackers to craft malicious URLs. When clicked, these URLs can redirect victims to arbitrary external we...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS versions 11.4 and below allows remote authenticated attackers with administrative privileges to inject malicious JavaScri...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS versions 11.4 and below allows remote authenticated administrators to inject malicious JavaScript that executes in victim...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS allows remote authenticated administrators to inject malicious JavaScript that executes in victims' browsers. This affect...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS allows remote authenticated administrators to inject malicious JavaScript that executes in victims' browsers. This affect...
A stored cross-site scripting vulnerability in Esri Portal for ArcGIS 11.4 and earlier allows authenticated attackers with high privileges to inject malicious files containing JavaScript. When victims...
A stored cross-site scripting vulnerability in ArcGIS HUB and ArcGIS Enterprise Sites allows authenticated users with site creation/editing permissions to inject malicious JavaScript that executes in ...
A stored cross-site scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites allows authenticated attackers with high privileges to inject malicious files containing JavaScript. When victims...
A stored cross-site scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites allows authenticated attackers with high privileges to inject malicious files containing JavaScript. When victims...
A stored cross-site scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites allows authenticated attackers with high privileges to inject malicious files containing JavaScript. When victims...
A reflected Cross-Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS allows authenticated low-privileged attackers to craft malicious links that execute arbitrary JavaScript in victims' brow...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS 11.1 allows attackers to craft malicious links that execute arbitrary JavaScript in victims' browsers when clicked. This ...
A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS allows attackers to craft malicious links that execute arbitrary JavaScript in victims' browsers when clicked. This affec...
A stored XSS vulnerability in Esri Portal for ArcGIS Enterprise allows authenticated attackers with high privileges to inject malicious JavaScript into the Layer Showcase application. When victims cli...
A stored cross-site scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites allows authenticated attackers with high privileges to inject malicious JavaScript into site configurations. When...
A stored XSS vulnerability in Esri Portal for ArcGIS allows remote authenticated attackers to inject malicious JavaScript via crafted links when moving items. This could execute arbitrary code in vict...
A cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS Experience Builder allows authenticated low-privileged users to create malicious links that execute arbitrary JavaScript in victims...