Medium severity6.1NVD Advisory· Published Dec 29, 2022· Updated Jun 17, 2026
CVE-2022-38208
CVE-2022-38208
Description
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.
Affected products
2- Range: <=11
- Range: Portal for ArcGIS
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.