laptop and a wrench

Bug

Stored cross-site scripting (XSS) vulnerability in ArcGIS Server Services Directory. Note This security patch addresses multiple security vulnerabilities found in ArcGIS Server. Esri recommends that all customers using ArcGIS Server 10.8.1, 10.7.1, and 10.6.1 apply this patch.

Last Published: March 2, 2021 ArcGIS GIS Server
Bug ID Number BUG-000137668
SubmittedFebruary 23, 2021
Last ModifiedJune 1, 2022
Applies toArcGIS GIS Server
Version found10.8.1
Operating SystemWindows OS
Operating System VersionN/A
Version Fixed10.9
StatusFixed

Workaround

The ArcGIS Server Security 2021 Update 1 Patch is now live on the support site. The URL is: https://support.esri.com/en/download/7879

Steps to Reproduce

Bug ID: BUG-000137668

Software:

  • ArcGIS GIS Server

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options

Discover more on this topic