Esri Portal For Arcgis Enterprise Sites vulnerabilities
4 known vulnerabilities affecting esri/portal_for_arcgis_enterprise_sites.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-55107P4MEDIUMCVSS 4.8≥ 10.9.1, ≤ 11.42025-08-21
CVE-2025-55107 [MEDIUM] CWE-79 CVE-2025-55107: There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites
There is a stored
Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites
versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to
inject malicious a file with an embedded xss script which when loaded could
potentially execute arbitrary JavaScript code in the victim’s browser. The
privileges required to execute this
nvd
CVE-2025-55103P4MEDIUMCVSS 4.8≥ 10.9.1, ≤ 11.42025-08-21
CVE-2025-55103 [MEDIUM] CWE-79 CVE-2025-55103: There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites vers
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute
nvd
CVE-2025-55106P4MEDIUMCVSS 4.8≥ 10.9.1, ≤ 11.42025-08-21
CVE-2025-55106 [MEDIUM] CWE-79 CVE-2025-55106: There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites vers
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute
nvd
CVE-2025-55104P4MEDIUMCVSS 4.8≥ 10.9.1, ≤ 11.42025-08-21
CVE-2025-55104 [MEDIUM] CWE-79 CVE-2025-55104: A stored cross-site scripting (XSS) vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites whic
A stored cross-site scripting (XSS) vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute in the victim's browser.
nvd