CVE-2013-5222

ESRI ArcGIS for Server 10.1 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Vendor Advisory] http://support.esri.com/en/knowledgebase/techarticles/detail/41494

[Vendor Advisory] http://support.esri.com/en/knowledgebase/techarticles/detail/41498

Scores

EPSS 0.0017

EPSS Percentile 38.3%

Details

CWE

CWE-79

Status published

Products (2)

esri/arcgis_server

n/a/n/a

Published Dec 30, 2013

Tracked Since Feb 18, 2026