CVE-2025-67711
Published: 2025-12-31
Priority: P4 · 30 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.20% (9.6th percentile)
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| esri | arcgis_server | <= 11.5 | — |
| esri | arcgis_server | 10.9.1 – 11.4 | — |
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-67709 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67709: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67711 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67711: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67704 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67704: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67710 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67710: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67707 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67707: ArcGIS Server vulnerability analysis and mitigation
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories.
However, the server’s architecture enforces controls that restrict uploaded files to non‑executable storage locations and prevent modification or replacement of existing application components or system configurations. Uploaded files cannot be executed, leveraged to escalate privileges, or used to access sensitive data.
Because the issue does not enable execution, service disruption, unauthorized access, or integrity compromise, its impact on confidentiality, integrity, and availability is low. No
Wiz
CVE-2025-67708 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67708: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67705 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67705: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67703 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2025-67703: ArcGIS Server vulnerability analysis and mitigation
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser.
Source: NVD
Score: 6.1
Published December 31, 2025
Severity MEDIUM
CNA Score 6.1
Affected Technologies
ArcGIS Server
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:esri:arcgis_server
Sources
Linux Severity MEDIUM No Fix Added at: Jan 01, 2026
Windows Severity
Wiz
CVE-2025-67706 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.6
## CVE-2025-67706: ArcGIS Server vulnerability analysis and mitigation
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories.
However, the server’s architecture enforces controls that restrict uploaded files to non‑executable storage locations and prevent modification or replacement of existing application components or system configurations. Uploaded files cannot be executed, leveraged to escalate privileges, or used to access sensitive data.
Because the issue does not enable execution, service disruption, unauthorized access, or integrity compromise, its impact on confidentiality, integrity, and availability is low. No
2025-12-31
Published