Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BUG-000148347 Unvalidated redirect issues in ArcGIS Server.
Vulnerability Description
Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Esri ArcGIS Server 输入验证错误漏洞
Vulnerability Description
Esri ArcGIS Server是美国环境系统研究所(Esri)公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 10.9.1及之前版本存在输入验证错误漏洞,该漏洞源于存在未经验证的重定向问题,可能允许未经身份验证的远程攻击者通过精心设计的查询参数诱骗用户访问攻击者控制的网站。
CVSS Information
N/A
Vulnerability Type
N/A