Stored Cross Site Scripting (XSS) Vulnerability in Esri ArcGIS Server Services Directory 10.8.1 and Below

Stored Cross Site Scripting (XSS) Vulnerability in Esri ArcGIS Server Services Directory 10.8.1 and Below

CVE-2021-29105 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory.

Learn more about our Cis Benchmark Audit For Server Software.