There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions.
References
Configurations
History
21 Nov 2024, 07:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095 - Release Notes | |
References | () https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/ - Vendor Advisory |
Information
Published : 2023-05-09 21:15
Updated : 2024-11-21 07:50
NVD link : CVE-2023-25832
Mitre link : CVE-2023-25832
CVE.ORG link : CVE-2023-25832
JSON object : View
Products Affected
esri
- portal_for_arcgis
CWE
CWE-352
Cross-Site Request Forgery (CSRF)