| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-25694 | BUG-000163019 - Stored XSS in Portal for ArcGIS | Esri | Enterprise Web App Builder | Medium | 4.8 | 2024-10-04 17:17:59 | Deep Dive |
| CVE-2024-25701 | BUG-000160765 - Stored XSS in ArcGIS Experience Builder | Esri | Portal for ArcGIS Enterprise Experience Builder | Medium | 4.8 | 2024-10-04 17:17:34 | Deep Dive |
| CVE-2024-25702 | BUG-000160599 - Stored XSS in Portal for ArcGIS Web App Builder | Esri | ArcGIS Enterprise Web App Builder | Medium | 4.8 | 2024-10-04 17:17:13 | Deep Dive |
| CVE-2024-25707 | BUG-000160241 - Reflected XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 4.8 | 2024-10-04 17:16:48 | Deep Dive |
| CVE-2024-38036 | BUG-000154827 - Reflected XSS in ArcGIS Experience Builder | Esri | Portal for ArcGIS Enterprise Experience Builder | Medium | 5.4 | 2024-10-04 17:16:25 | Deep Dive |
| CVE-2024-8149 | BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 4.6 | 2024-10-04 17:14:39 | Deep Dive |
| CVE-2024-38039 | BUG-000161683 - HTML injection vulnerability in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 5.4 | 2024-10-04 17:13:14 | Deep Dive |
| CVE-2024-8148 | BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. (11.2, 11.1, 10.9.1. and 10.8.1) | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-10-04 17:11:43 | Deep Dive |
| CVE-2024-38037 | BUG-000167983 - Unvalidated redirect in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-10-04 17:10:28 | Deep Dive |
| CVE-2024-25699 | Portal for ArcGIS has an invalid authentication vulnerability | Esri | Portal for ArcGIS | High | 8.5 | 2024-04-04 17:56:26 | Deep Dive |
| CVE-2024-25705 | Cross site scripting issue in embed widget | Esri | Portal for ArcGIS | Medium | 5.4 | 2024-04-04 17:55:56 | Deep Dive |
| CVE-2024-25706 | HTMLi at createFolder Content Injection | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-04-04 17:55:31 | Deep Dive |
| CVE-2024-25709 | Self-XSS style in move item dialog | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-04-04 17:55:18 | Deep Dive |
| CVE-2024-25700 | Persistent XSS in URL added to a shared map | Esri | ArcGIS Enterprise Builder | Medium | 4.8 | 2024-04-04 17:55:02 | Deep Dive |
| CVE-2024-25698 | Reflected XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 6.1 | 2024-04-04 17:54:48 | Deep Dive |
| CVE-2024-25693 | Portal for ArcGIS has a directory traversal vulnerability. | Esri | Portal for ArcGIS | Critical | 9.9 | 2024-04-04 17:54:34 | Deep Dive |
| CVE-2024-25695 | concatenated errors resulting in cross site scripting and frame injection issues. | Esri | Portal for ArcGIS | High | 7.2 | 2024-04-04 17:54:23 | Deep Dive |
| CVE-2024-25696 | Stored XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 4.8 | 2024-04-04 17:53:56 | Deep Dive |
| CVE-2024-25697 | Stored XSS in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 5.4 | 2024-04-04 17:53:26 | Deep Dive |
| CVE-2024-25690 | HTML injection in ArcGIS Web AppBuilder | Esri | ArcGIS Enterprise Web App Builder | Medium | 4.7 | 2024-04-04 17:53:04 | Deep Dive |