Security Advisory

CVE-2023-25833

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-10 00:00:00

Last updated 2025-04-10 18:40:10

Assigner Esri

State PUBLISHED

Description

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser (no stateful change made or customer data rendered).

← Browse all CVEs View on cve.org ↗