CVE-2013-5222

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:esri:arcgis_server:10.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:57

Type Values Removed Values Added
References () http://support.esri.com/en/knowledgebase/techarticles/detail/41494 - Vendor Advisory () http://support.esri.com/en/knowledgebase/techarticles/detail/41494 - Vendor Advisory
References () http://support.esri.com/en/knowledgebase/techarticles/detail/41498 - Vendor Advisory () http://support.esri.com/en/knowledgebase/techarticles/detail/41498 - Vendor Advisory

11 Jul 2024, 18:07

Type Values Removed Values Added
References () http://support.esri.com/en/knowledgebase/techarticles/detail/41494 - () http://support.esri.com/en/knowledgebase/techarticles/detail/41494 - Vendor Advisory
References () http://support.esri.com/en/knowledgebase/techarticles/detail/41498 - () http://support.esri.com/en/knowledgebase/techarticles/detail/41498 - Vendor Advisory
First Time Esri arcgis Server
CPE cpe:2.3:a:esri:arcgis:10.1:*:*:*:*:*:*:* cpe:2.3:a:esri:arcgis_server:10.1:*:*:*:*:*:*:*

Information

Published : 2013-12-30 04:53

Updated : 2024-11-21 01:57


NVD link : CVE-2013-5222

Mitre link : CVE-2013-5222

CVE.ORG link : CVE-2013-5222


JSON object : View

Products Affected

esri

  • arcgis_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')