Unrated severityNVD Advisory· Published Nov 15, 2022· Updated Apr 10, 2025
An unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.
CVE-2022-38201
Description
An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain.
Affected products
2- Range: >=10.8.1, <=10.9.1
- Esri/ArcGIS Quickcapturev5Range: 10.8.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.