CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38201 – An unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.
https://notcve.org/view.php?id=CVE-2022-38201
15 Nov 2022 — An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain. Existe una vulnerabilidad de redireccionamiento no validada en Esri Portal for ArcGIS Quick Capture Web Designer versiones 10.8.1 a 10.9.1. Un atacante remoto y no autenticado puede potencialmente inducir a un usuario autenticado desprevenido a acced... • https://www.esri.com/arcgis-blog/products/product/uncategorized/portal-for-arcgis-quick-capture-security-patch-is-now-available • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •