CVE-2013-7231

ESRI ArcGIS for Server <10.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Mobile Content Server in ESRI ArcGIS for Server 10.1 and 10.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-5222.

References (2)

Scores

EPSS 0.0017
EPSS Percentile 38.3%

Details

CWE
CWE-79
Status published
Products (3)
esri/arcgis_server
esri/arcgis_server
n/a/n/a
Published Dec 30, 2013
Tracked Since Feb 18, 2026