CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-29110

Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/Portal-for-ArcGIS-Security-2021-Update-1-Patch/
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/Portal-for-ArcGIS-Security-2021-Update-1-Patch/

Products affected by CVE-2021-29110

Esri » Portal For Arcgis » Version: N/A

cpe:2.3:a:esri:portal_for_arcgis:-
Esri » Portal For Arcgis » Version: 10.6

cpe:2.3:a:esri:portal_for_arcgis:10.6
Esri » Portal For Arcgis » Version: 10.6.1

cpe:2.3:a:esri:portal_for_arcgis:10.6.1
Esri » Portal For Arcgis » Version: 10.7.1

cpe:2.3:a:esri:portal_for_arcgis:10.7.1
Esri » Portal For Arcgis » Version: 10.8

cpe:2.3:a:esri:portal_for_arcgis:10.8
Esri » Portal For Arcgis » Version: 10.8.1

cpe:2.3:a:esri:portal_for_arcgis:10.8.1
Esri » Portal For Arcgis » Version: 10.9

cpe:2.3:a:esri:portal_for_arcgis:10.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29110

Products

Pricing

Contact Us