CVE-2013-5222
ESRI ArcGIS for Server 10.1 - Authenticated Cross-Site Scripting
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://support.esri.com/en/knowledgebase/techarticles/detail/41498
Vendor Advisory x_refsource_confirm
http://support.esri.com/en/knowledgebase/techarticles/detail/41494
Scores
EPSS
0.0017
EPSS Percentile
38.1%
Details
CWE
CWE-79
Status
published
Products (1)
esri/arcgis_server
10.1
Published
Dec 30, 2013
Tracked Since
Feb 18, 2026