Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Esri — Vulnerabilities & Security Advisories 147

Browse all 147 CVE security advisories affecting Esri. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Esri:ArcGIS ServerPortal for ArcGISArcGIS EnterpriseArcReaderPortal for ArcGIS Enterprise SitesArcGIS Enterprise Web App BuilderArcGIS Enterprise ServerPortal for ArcGIS SitesArcGIS QuickcapturePortal for ArcGIS Enterprise Experience BuilderArcGIS ProArcGIS InsightsArcGIS GeoEvent ServerPortal for ArcGIS ArcGIS Enterprise BuilderEnterprise Web App BuilderArcGIS AllSourceArcGIS MonitorArcGIS EarthPortal for ArcGIS Enterprise Experience SitesArcGIS Web AppBuilder {Developer Edition)
CVE IDTitleCVSSSeverityPublished
CVE-2024-25701 BUG-000160765 - Stored XSS in ArcGIS Experience Builder — Portal for ArcGIS Enterprise Experience BuilderCWE-79 4.8 Medium2024-10-04
CVE-2024-25702 BUG-000160599 - Stored XSS in Portal for ArcGIS Web App Builder — ArcGIS Enterprise Web App BuilderCWE-79 4.8 Medium2024-10-04
CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 4.8 Medium2024-10-04
CVE-2024-38036 BUG-000154827 - Reflected XSS in ArcGIS Experience Builder — Portal for ArcGIS Enterprise Experience BuilderCWE-79 5.4 Medium2024-10-04
CVE-2024-8149 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. — Portal for ArcGISCWE-79 4.6 Medium2024-10-04
CVE-2024-38039 BUG-000161683 - HTML injection vulnerability in Portal for ArcGIS. — Portal for ArcGISCWE-80 5.4 Medium2024-10-04
CVE-2024-8148 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. (11.2, 11.1, 10.9.1. and 10.8.1) — Portal for ArcGISCWE-601 6.1 Medium2024-10-04
CVE-2024-38037 BUG-000167983 - Unvalidated redirect in Portal for ArcGIS — Portal for ArcGISCWE-601 6.1 Medium2024-10-04
CVE-2024-25699 Portal for ArcGIS has an invalid authentication vulnerability — Portal for ArcGISCWE-287 8.5 High2024-04-04
CVE-2024-25705 Cross site scripting issue in embed widget — Portal for ArcGISCWE-79 5.4 Medium2024-04-04
CVE-2024-25706 HTMLi at createFolder Content Injection — Portal for ArcGISCWE-94 6.1 Medium2024-04-04
CVE-2024-25709 Self-XSS style in move item dialog — Portal for ArcGISCWE-79 6.1 Medium2024-04-04
CVE-2024-25700 Persistent XSS in URL added to a shared map — ArcGIS Enterprise BuilderCWE-79 4.8 Medium2024-04-04
CVE-2024-25698 Reflected XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 6.1 Medium2024-04-04
CVE-2024-25693 Portal for ArcGIS has a directory traversal vulnerability. — Portal for ArcGIS CWE-22 9.9 Critical2024-04-04
CVE-2024-25695 concatenated errors resulting in cross site scripting and frame injection issues. — Portal for ArcGISCWE-79 7.2 High2024-04-04
CVE-2024-25696 Stored XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 4.8 Medium2024-04-04
CVE-2024-25697 Stored XSS in Portal for ArcGIS — Portal for ArcGISCWE-79 5.4 Medium2024-04-04
CVE-2024-25690 HTML injection in ArcGIS Web AppBuilder — ArcGIS Enterprise Web App BuilderCWE-80 4.7 Medium2024-04-04
CVE-2024-25708 Persistent XSS when creating new application using Web App Builder — ArcGIS Enterprise Web App BuilderCWE-79 4.8 Medium2024-04-04
CVE-2024-25692 BUG-000154722 - Cross-site request forgery (CSRF) issue in Portal for ArcGIS — Portal for ArcGISCWE-352 5.4 Medium2024-04-04
CVE-2023-25848 BUG-000158039 - There is an information disclosure issue in ArcGIS Server. — ArcGIS Enterprise ServerCWE-319 5.3 Medium2023-08-25
CVE-2023-25841 BUG-000158075 Stored XSS issue in ArcGIS Server — ArcGIS Enterprise ServerCWE-79 6.1 Medium2023-07-21
CVE-2023-25840 BUG-000154070 Stored XSS issue in the ArcGIS REST Services directory — ArcGIS Enterprise ServerCWE-79 3.4 Low2023-07-21
CVE-2023-25837 BUG-000133088 - ArcGIS Enterprise site builder is subject to stored XSS. — Portal for ArcGIS SitesCWE-79 8.4 High2023-07-21
CVE-2023-25836 BUG-000135364 XSS in 10.8.1 sites builder iframe source — Portal for ArcGIS SitesCWE-79 5.4 Medium2023-07-21
CVE-2023-25835 BUG-000153659 ArcGIS Enterprise Sites has a stored XSS vulnerability — Portal for ArcGIS SitesCWE-79 8.4 High2023-07-20
CVE-2023-25838 BUG-000157278 – ArcGIS Insights has a security vulnerability. — ArcGIS InsightsCWE-89 7.5 High2023-07-19
CVE-2023-25833 BUG-000155004 HTML injection issue in Portal for ArcGIS. — Portal for ArcGISCWE-80 5.4 Medium2023-05-10
CVE-2023-25831 BUG-000154236 There is a reflected cross-site scripting (XSS) vulnerability in Portal for ArcGIS. — Portal for ArcGISCWE-79 6.1 Medium2023-05-09

This page lists every published CVE security advisory associated with Esri. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.