CVE-2023-25830
CVSS V2 None
CVSS V3 None
Description
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.
Overview
- CVE ID
- CVE-2023-25830
- Assigner
- psirt@esri.com
- Vulnerability Status
- Awaiting Analysis
- Published Version
- 2023-05-09T17:15:10
- Last Modified Date
- 2023-05-09T17:36:56
Weakness Enumerations
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-25830 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25830 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-05-09 19:02:21 | Added to TrackCVE | |||
2023-05-09 19:02:26 | Weakness Enumeration | new |