VYPR

Arcgis Server

by Esri

CVEs (69)

  • CVE-2024-51957Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51956Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51954Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux which, under unique circumstances, could allow a remote, low‑privileged authenticated attacker to access secure services published to a standalone (unfederated) ArcGIS…

  • CVE-2024-51953Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51952Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51951Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51950Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51949Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51948Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51947Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51946Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51945Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51944Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-51942Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-10904Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2024-5888Mar 3, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. …

  • CVE-2023-25848Aug 25, 2023
    risk 0.00cvss epss 0.00

    ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single…

  • CVE-2023-25841Jul 21, 2023
    risk 0.00cvss epss 0.01

    There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 11.0 and below on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in…

  • CVE-2023-25840Jul 21, 2023
    risk 0.00cvss epss 0.00

    There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser.  The privileges…

  • CVE-2022-38202Dec 28, 2022
    risk 0.00cvss epss 0.01

    There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below. Successful exploitation may allow a remote, unauthenticated attacker traverse the file system to access files outside of the intended directory on ArcGIS Server. This could lead to the…