CVE-2014-5122
ESRI ArcGIS for Server 10.1.1 - Open Redirect via Login Parameter
Title source: llmDescription
Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, related to login.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69341
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/127959/ArcGIS-For-Server-10.1.1-XSS-Open-Redirect.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533189/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030752
Scores
EPSS
0.0032
EPSS Percentile
54.9%
Details
Status
published
Products (1)
esri/arcgis_server
10.1.1
Published
Aug 22, 2014
Tracked Since
Feb 18, 2026