CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38201 – An unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.
https://notcve.org/view.php?id=CVE-2022-38201
An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain. Existe una vulnerabilidad de redireccionamiento no validada en Esri Portal for ArcGIS Quick Capture Web Designer versiones 10.8.1 a 10.9.1. Un atacante remoto y no autenticado puede potencialmente inducir a un usuario autenticado desprevenido a acceder a un dominio controlado por un atacante. • https://www.esri.com/arcgis-blog/products/product/uncategorized/portal-for-arcgis-quick-capture-security-patch-is-now-available • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •