CNNVD-202508-2555 Information

CNNVD ID

CNNVD-202508-2555

Related CVE

CVE-2025-55104

• CNNVD Published: 2025-08-21

Description (Chinese)

Esri Portal for ArcGIS Enterprise Sites是美国Esri公司的一款地理信息门户发布软件。 Esri Portal for ArcGIS Enterprise Sites存在跨站脚本漏洞，该漏洞源于存储型跨站脚本漏洞，可能导致执行任意JavaScript代码。

Description (English)

Esri Portal for ArcGIS Enterpriseites is a geo-information portal publishing software for the United States company Esri. Esri Portal for ArcGIS Enterpriseites has a cross-site script loophole, which originates from a storage-type cross-site script loophole and may lead to the implementation of any JavaScript code.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

环境系统研究所

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/2925891-2 https://nvd.nist.gov/vuln/detail/CVE-2025-55104

Patch

https://support.esri.com/en-us/products/arcgis-enterprise/life-cycle