Page 17 of 92 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Desktop, ArcGIS for Engine, and ArcGIS for Server 10.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en ESRI ArcGIS Desktop, ArcGIS Engine, y ArcGIS Server 10.2.2 y anteriores permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados. • http://blogs.esri.com/esri/arcgis/2014/09/04/arcgis-for-server-security-patch-10-1-sp1-qip-10-2-1-10-2-2 http://support.esri.com/en/downloads/patches-servicepacks/view/productid/67/metaid/2223 http://www.securitytracker.com/id/1032733 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, related to login. Vulnerabilidad de redirreción abierta en ESRI ArcGIS for Server 10.1.1 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de un parámetro no especificado, relacionado con el inicio de sesión. • http://packetstormsecurity.com/files/127959/ArcGIS-For-Server-10.1.1-XSS-Open-Redirect.html http://www.securityfocus.com/archive/1/533189/100/0/threaded http://www.securityfocus.com/bid/69341 http://www.securitytracker.com/id/1030752 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. Múltiples vulnerabilidades de XSS en ESRI ArcGIS for Server 10.1.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados. • http://packetstormsecurity.com/files/127959/ArcGIS-For-Server-10.1.1-XSS-Open-Redirect.html http://www.securityfocus.com/archive/1/533189/100/0/threaded http://www.securitytracker.com/id/1030752 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Multiple cross-site scripting (XSS) en ESRI ArcGIS Server 10.1 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://support.esri.com/en/knowledgebase/techarticles/detail/41494 http://support.esri.com/en/knowledgebase/techarticles/detail/41498 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222. Cross-site scripting (XSS) en el servidor de contenido móvil de ESRI ArcGIS Server 10.1 y 10.2 permite a los usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados, una vulnerabilidad diferente a CVE-2013 a 5222. • http://support.esri.com/en/downloads/patches-servicepacks/view/productid/66/metaid/2009 http://support.esri.com/en/knowledgebase/techarticles/detail/41468 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •