| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-38207 | Reflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38208 | Unvalidated redirect in Portal for ArcGIS | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38209 | Reflected XSS vulnerability in Portal for ArcGIS | Esri | ArcGIS Quickcapture | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38210 | HTML injection in accountswitcher-callback.html (10.9.1, 10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38211 | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | High | 7.5 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38212 | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | High | 7.5 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38202 | BUG-000152121 - Directory traversal vulnerability in ArcGIS Server. | Esri | ArcGIS Server | High | 7.5 | 2022-12-28 00:00:00 | Deep Dive |
| CVE-2022-38201 | An unvalidated redirect vulnerability exists in Esri ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. | Esri | ArcGIS Quickcapture | Medium | 6.1 | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-38195 | BUG-000150540 - Reflected XSS vulnerability in ArcGIS Server | Esri | ArcGIS Server | Medium | 6.1 | 2022-10-25 16:32:10 | Deep Dive |
| CVE-2022-38196 | BUG-000150537 - ArcGIS Server has a local file inclusion (LFI) vulnerability | Esri | ArcGIS Server | Medium | 6.5 | 2022-10-25 16:32:04 | Deep Dive |
| CVE-2022-38197 | BUG-000148347 Unvalidated redirect issues in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2022-10-25 16:31:58 | Deep Dive |
| CVE-2022-38198 | BUG-000146513 - Reflected XSS vulnerability in ArcGIS Server | Esri | ArcGIS Server | Medium | 6.1 | 2022-10-25 16:31:54 | Deep Dive |
| CVE-2022-38199 | BUG-000144172 - Remote file download issue in ArcGIS Server | Esri | ArcGIS Server | Medium | 6.1 | 2022-10-25 16:31:49 | Deep Dive |
| CVE-2022-38200 | BUG-000142376 - Reflected Cross-Site Scripting (XSS) vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2022-10-25 16:31:44 | Deep Dive |
| CVE-2022-38189 | There is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript. | Esri | Portal for ArcGIS | Medium | 5.4 | 2022-08-16 17:25:13 | Deep Dive |
| CVE-2022-38184 | There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 | Esri | Portal for ArcGIS | High | 7.5 | 2022-08-16 17:20:15 | Deep Dive |
| CVE-2022-38192 | There is a stored cross-site scripting (XSS) vulnerability in ArcGIS API for JavaScript. | Esri | Portal for ArcGIS | Medium | 6.1 | 2022-08-16 17:10:09 | Deep Dive |
| CVE-2022-38193 | Code injection issue in Portal for ArcGIS (10.7.1 and 10.8.1) | Esri | Portal for ArcGIS | Medium | 6.1 | 2022-08-16 17:05:11 | Deep Dive |
| CVE-2022-38194 | Portal for ArcGIS system properties are not properly encrypted (10.8.1 only) | Esri | Portal for ArcGIS | Medium | 6.7 | 2022-08-16 17:00:18 | Deep Dive |
| CVE-2022-38191 | HTML injection vulnerability in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 6.1 | 2022-08-15 21:05:11 | Deep Dive |