Bug
Cross-site scripting (XSS) vulnerability with GetTokens as ArcGIS for Server 10.3.1 inputs are not consistently sanitized.
| Bug ID Number | BUG-000090429 |
|---|---|
| Submitted | August 31, 2015 |
| Last Modified | June 2, 2021 |
| Severity | Critical |
| Applies to | ArcGIS for Server |
| Version found | 10.3.1 |
| Operating System | Windows |
| Version Fixed | 10.4.0 |
| Status | Fixed |
Steps to Reproduce
Bug ID: BUG-000090429
Software:
- ArcGIS for Server
Get help from ArcGIS experts
Download the Esri Support App
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback