CVE-2025-55105P4MEDIUMCVSS 4.8≥ 10.9.1, ≤ 11.42025-08-21
CVE-2025-55105 [MEDIUM] CWE-79 CVE-2025-55105: There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites vers
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute
nvd