Security Advisory

CVE-2024-25706

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-04 17:55:30

Last updated 2025-04-10 19:00:17

Assigner Esri

State PUBLISHED

Description

There is an HTML injection vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a message that may entice an unsuspecting victim to visit an arbitrary website. This could simplify phishing attacks.

← Browse all CVEs View on cve.org ↗