Bug Number BUG-000092906
Submitted Dec 10, 2015
Modified Jul 28, 2020
Severity High
Applies To ArcGIS GIS Server
Version Found 10.3.1
Prog Language N/A
Server Platform
Client Platform
Database N/A
Locale N/A
Status Implemented
Version Fixed 10.4.0
SP Fixed N/A

Bug BUG-000092906


Map and Image services are vulnerable to a XML external entity injection (XXE).

Additional Information


Alternate Solution