VYPR

Portal For Arcgis

by Esri

CVEs (67)

  • CVE-2025-57874Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

  • CVE-2025-57875Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

  • CVE-2025-57877Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser.

  • CVE-2025-57878Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

  • CVE-2025-57879Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

  • CVE-2025-57876Sep 29, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the…

  • CVE-2025-55107Aug 21, 2025
    risk 0.00cvss epss 0.00

    There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute…

Page 4 of 4