CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-16193

In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY PROFILE feature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.7%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://www.facebook.com/Huang.YuHsiang.Phone/posts/1795457353931689
https://www.facebook.com/Huang.YuHsiang.Phone/posts/1795457353931689

Products affected by CVE-2019-16193

Esri » Arcgis Enterprise » Version: 10.6.1

cpe:2.3:a:esri:arcgis_enterprise:10.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16193

Products

Pricing

Contact Us