laptop and a wrench

Bug

Cross-site scripting (XSS) in ArcGIS Server Manager. Note This security patch addresses multiple security vulnerabilities found in ArcGIS Server. Esri recommends that all customers using ArcGIS Server 10.8.1, 10.7.1, and 10.6.1 apply this patch.

Last Published: March 2, 2021 ArcGIS GIS Server
Bug ID Number BUG-000137659
SubmittedFebruary 23, 2021
Last ModifiedSeptember 15, 2022
Applies toArcGIS GIS Server
Version found10.6.1
Operating SystemWindows OS
Operating System VersionN/A
Version Fixed10.7
StatusFixed

Workaround

The ArcGIS Server Security 2021 Update 1 Patch is now live on the support site. The URL is:

https://support.esri.com/en/download/7879

Steps to Reproduce

Bug ID: BUG-000137659

Software:

  • ArcGIS GIS Server

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options

Discover more on this topic