Bug
Reflected cross-site scripting (XSS) in Portal for ArcGIS Map Viewer.
| Bug ID Number | BUG-000153884 |
|---|---|
| Submitted | November 21, 2022 |
| Last Modified | March 19, 2025 |
| Applies to | ArcGIS Online |
| Version found | November 2022 |
| Operating System | N/A |
| Operating System Version | N/A |
| Version Fixed | 11.2 |
| Status | Fixed |
Additional Information
Portal for ArcGIS Security 2024 Update 1 Patch is now live on the support site. The URL is: https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2024-update-1-patch. This defect is addressed in the Portal for ArcGIS Security 2025 Update 1 Patch. The URL is: https://support.esri.com/en-us/patches-updates/2025/portal-for-arcgis-security-2025-update-1-patch Patches are available for versions 11.4, 11.3, 11.2, 11.1, and 10.9.1. Please refer to the “Issues addressed with this patch” section of the patch page to determine the version(s) where this defect is addressed.Workaround
Portal for ArcGIS Security 2024 Update 1 Patch is now live on the support site. The URL is:
https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2024-update-1-patch.
This defect is addressed in the Portal for ArcGIS Security 2025 Update 1 Patch. The URL is:
https://support.esri.com/en-us/patches-updates/2025/portal-for-arcgis-security-2025-update-1-patch
Patches are available for versions 11.4, 11.3, 11.2, 11.1, and 10.9.1. Please refer to the “Issues addressed with this patch” section of the patch page to determine the version(s) where this defect is addressed.
Steps to Reproduce
Bug ID: BUG-000153884
Software:
- ArcGIS Online
Get notified when the status of a bug changes
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback
Get help from ArcGIS experts
Download the Esri Support App