There is a local file inclusion vulnerability in Esri...
High severity
Unreviewed
Published
Oct 4, 2024
to the GitHub Advisory Database
•
Updated Oct 4, 2024
Description
Published by the National Vulnerability Database
Oct 4, 2024
Published to the GitHub Advisory Database
Oct 4, 2024
Last updated
Oct 4, 2024
There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files.
References