VYPR
Unrated severityNVD Advisory· Published Aug 15, 2022· Updated Apr 10, 2025

Stored cross-site scripting vulnerability in Esri Portal for ArcGIS Configurable Apps

CVE-2022-38190

Description

A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.