English
Bug Number BUG-000128193
Submitted Jan 28, 2020
Modified Feb 05, 2021
Severity Medium
Applies To Portal for ArcGIS
Version Found 10.7.1
Prog Language N/A
Server Platform Windows 2016 64 Bit
Client Platform Windows 2016 64 Bit
Database N/A
Locale N/A
Status Implemented
Version Fixed 10.8.1
SP Fixed N/A

Bug BUG-000128193

Synopsis

There is a Cross-Site Request Forgery (CSRF) vulnerability in Portal for ArcGIS.


Additional Information

The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.


Alternate Solution

Refer to https://support.esri.com/en/download/7837 for the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch.