A cross site scripting vulnerability exists in some map service configurations of ArcGIS Server versions 10.8.1 and 10.7.1. Specifically crafted web requests can execute arbitrary JavaScript in the context of the victim's browser.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Esri
Published: 2022-07-22T00:00:00
Updated: 2022-10-25T00:00:00
Reserved: 2022-08-12T00:00:00
Link: CVE-2022-38200
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-25T17:15:55.527
Modified: 2022-10-31T13:40:25.870
Link: CVE-2022-38200
JSON object: View
Redhat Information
No data.
CWE