Unrated severityNVD Advisory· Published Aug 15, 2022· Updated Apr 10, 2025
Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps
CVE-2022-38190
Description
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: all
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.