Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Portal for ArcGIS — Vulnerabilities & Security Advisories 50

All 50 CVE vulnerabilities found in Portal for ArcGIS, with AI-generated Chinese analysis, references, and POCs.

Vendor: Esri

CVE IDTitleCVSSSeverityPaused
CVE-2026-33519 Incorrect privilege assignment in Portal for ArcGIS CWE-266 9.8 Critical2026-04-21
CVE-2026-33518 Incorrect privilege assignment in Portal for ArcGIS CWE-266 9.8 Critical2026-04-21
CVE-2025-57871 BUG-000174020 - Reflected XSS vulnerability identified in Portal for ArcGIS. (11.3, 11.1, 10.9.1) CWE-79 4.8 Medium2025-09-29
CVE-2025-57872 BUG-000174150 - Unvalidated redirect in Portal for ArcGIS. CWE-601 6.1 Medium2025-09-29
CVE-2025-57873 BUG-000175222 - Reflected XSS vulnerability in Portal for ArcGIS. CWE-79 4.8 Medium2025-09-29
CVE-2025-57874 BUG-000161627 - Reflected XSS vulnerability in Portal for ArcGIS.  (11.3, 11.1, 10.9.1) CWE-79 4.8 Medium2025-09-29
CVE-2025-57875 BUG-000164122 - Reflected XSS vulnerability in Portal for ArcGIS. CWE-79 4.8 Medium2025-09-29
CVE-2025-57877 Reflected XSS vulnerability in Portal for ArcGIS. CWE-79 4.8 Medium2025-09-29
CVE-2025-57878 BUG-000174149 - The Portal for ArcGIS has an unvalidated redirect. CWE-601 6.1 Medium2025-09-29
CVE-2025-57879 BUG-000171009 - URL manipulation vulnerability in Portal for ArcGIS. CWE-601 6.1 Medium2025-09-29
CVE-2025-57876 Stored XSS vulnerability in Portal for ArcGIS CWE-79 4.8 Medium2025-09-29
CVE-2025-4967 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS CWE-918 9.1 Critical2025-05-29
CVE-2025-2538 BUG-000174336 CWE-798 9.8 Critical2025-03-20
CVE-2024-38040 BUG-000167984 - Portal for ArcGIS has a Local file inclusion (LFI) vulnerability CWE-73 7.5 High2024-10-04
CVE-2024-38038 BUG-000165732 - Reflected XSS in Portal for ArcGIS CWE-79 6.1 Medium2024-10-04
CVE-2024-25691 BUG-000165286 - Reflected XSS in Portal for ArcGIS CWE-79 6.1 Medium2024-10-04
CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS CWE-79 4.8 Medium2024-10-04
CVE-2024-8149 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. CWE-79 4.6 Medium2024-10-04
CVE-2024-38039 BUG-000161683 - HTML injection vulnerability in Portal for ArcGIS. CWE-80 5.4 Medium2024-10-04
CVE-2024-8148 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. (11.2, 11.1, 10.9.1. and 10.8.1) CWE-601 6.1 Medium2024-10-04
CVE-2024-38037 BUG-000167983 - Unvalidated redirect in Portal for ArcGIS CWE-601 6.1 Medium2024-10-04
CVE-2024-25699 Portal for ArcGIS has an invalid authentication vulnerability CWE-287 8.5 High2024-04-04
CVE-2024-25705 Cross site scripting issue in embed widget CWE-79 5.4 Medium2024-04-04
CVE-2024-25706 HTMLi at createFolder Content Injection CWE-94 6.1 Medium2024-04-04
CVE-2024-25709 Self-XSS style in move item dialog CWE-79 6.1 Medium2024-04-04
CVE-2024-25698 Reflected XSS in Portal for ArcGIS CWE-79 6.1 Medium2024-04-04
CVE-2024-25695 concatenated errors resulting in cross site scripting and frame injection issues. CWE-79 7.2 High2024-04-04
CVE-2024-25696 Stored XSS in Portal for ArcGIS CWE-79 4.8 Medium2024-04-04
CVE-2024-25697 Stored XSS in Portal for ArcGIS CWE-79 5.4 Medium2024-04-04
CVE-2024-25692 BUG-000154722 - Cross-site request forgery (CSRF) issue in Portal for ArcGIS CWE-352 5.4 Medium2024-04-04

All 50 known CVE vulnerabilities affecting Portal for ArcGIS with full Chinese analysis, references, and POCs where available.