| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-55107 | BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:30:00 | Deep Dive |
| CVE-2025-55106 | BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:29:37 | Deep Dive |
| CVE-2025-55105 | BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Experience Sites | Medium | 4.8 | 2025-08-21 19:29:01 | Deep Dive |
| CVE-2025-55104 | BUG-000173918 - ArcGIS Enterprise Sites has a security vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:28:43 | Deep Dive |
| CVE-2025-55103 | BUG-000177333 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:25:13 | Deep Dive |
| CVE-2024-25701 | BUG-000160765 - Stored XSS in ArcGIS Experience Builder | Esri | Portal for ArcGIS Enterprise Experience Builder | Medium | 4.8 | 2024-10-04 17:17:34 | Deep Dive |
| CVE-2024-25702 | BUG-000160599 - Stored XSS in Portal for ArcGIS Web App Builder | Esri | ArcGIS Enterprise Web App Builder | Medium | 4.8 | 2024-10-04 17:17:13 | Deep Dive |
| CVE-2024-38036 | BUG-000154827 - Reflected XSS in ArcGIS Experience Builder | Esri | Portal for ArcGIS Enterprise Experience Builder | Medium | 5.4 | 2024-10-04 17:16:25 | Deep Dive |
| CVE-2024-25700 | Persistent XSS in URL added to a shared map | Esri | ArcGIS Enterprise Builder | Medium | 4.8 | 2024-04-04 17:55:02 | Deep Dive |
| CVE-2024-25690 | HTML injection in ArcGIS Web AppBuilder | Esri | ArcGIS Enterprise Web App Builder | Medium | 4.7 | 2024-04-04 17:53:04 | Deep Dive |
| CVE-2024-25708 | Persistent XSS when creating new application using Web App Builder | Esri | ArcGIS Enterprise Web App Builder | Medium | 4.8 | 2024-04-04 17:52:49 | Deep Dive |
| CVE-2023-25848 | BUG-000158039 - There is an information disclosure issue in ArcGIS Server. | Esri | ArcGIS Enterprise Server | Medium | 5.3 | 2023-08-25 18:44:14 | Deep Dive |
| CVE-2023-25841 | BUG-000158075 Stored XSS issue in ArcGIS Server | Esri | ArcGIS Enterprise Server | Medium | 6.1 | 2023-07-21 18:38:24 | Deep Dive |
| CVE-2023-25840 | BUG-000154070 Stored XSS issue in the ArcGIS REST Services directory | Esri | ArcGIS Enterprise Server | Low | 3.4 | 2023-07-21 18:37:34 | Deep Dive |
| CVE-2022-38204 | Reflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38212 | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | High | 7.5 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38211 | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | High | 7.5 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38210 | HTML injection in accountswitcher-callback.html (10.9.1, 10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38208 | Unvalidated redirect in Portal for ArcGIS | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |
| CVE-2022-38207 | Reflected XSS vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | Esri | ArcGIS Enterprise | Medium | 6.1 | 2022-12-30 05:13:00 | Deep Dive |