laptop and a wrench

Bug

SQL Injection is possible with WHERE clause via ArcGIS for Server 10.1 SP1 with Security Patch.

Last Published: May 21, 2015 ArcGIS for Server
Bug ID Number BUG-000086720
SubmittedApril 7, 2015
Last ModifiedJune 11, 2020
SeverityCritical
Applies toArcGIS for Server
Version found10.1
Operating SystemWindows
Operating System Version2008 64 Bit
StatusDuplicate

Steps to Reproduce

Bug ID: BUG-000086720

Software:

  • ArcGIS for Server

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options

Discover more on this topic