Unrated severityNVD Advisory· Published Aug 15, 2022· Updated Apr 10, 2025
HTML injection vulnerability in Portal for ArcGIS
CVE-2022-38191
Description
There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.
Affected products
2<=10.9.0+ 1 more
- (no CPE)range: <=10.9.0
- (no CPE)range: all
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.