Bug
SQL Injection is possible with WHERE clause via ArcGIS for Server 10.1 SP1 with Security Patch.
| Bug ID Number | BUG-000086720 |
|---|---|
| Submitted | April 7, 2015 |
| Last Modified | June 11, 2020 |
| Severity | Critical |
| Applies to | ArcGIS for Server |
| Version found | 10.1 |
| Operating System | Windows |
| Operating System Version | 2008 64 Bit |
| Status | Duplicate |
Steps to Reproduce
Bug ID: BUG-000086720
Software:
- ArcGIS for Server
Get help from ArcGIS experts
Download the Esri Support App
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback