Bogue
There are instances found where password fields have auto-complete enabled. If there are stored credentials, they can be captured by an attacker who gains control over the user's computer. Furthermore, an attacker who finds a separate application vulnerability such as cross-site scripting may be able to exploit this to retrieve a user's browser-stored credentials.
| Numéro d’ID de bogue | BUG-000094891 |
|---|---|
| Envoi | March 14, 2016 |
| Dernière modification | February 15, 2023 |
| S’applique à | ArcGIS for Server |
| Version trouvée | 10.2.2 |
| Plateforme serveur | Windows OS |
| Plateforme client | 2012 R2 |
| Statut | Will Not Be Addressed |
Informations supplémentaires
This issue was logged against a version of the software which is no longer supported, and has not had activity in some time. We apologize that we were unable to address this issue within the current product life cycle. If the issue continues to affect your work in a supported release, please contact Technical Support.Solution de contournement
Avoid storing passwords in a browser.Étapes pour reproduire
ID de bogue: BUG-000094891
Logiciel:
- ArcGIS for Server
Obtenir de l’aide auprès des experts ArcGIS
Télécharger l’application Esri Support
En savoir plus sur ce sujet
Rechercher des informations associées
Rechercher une formation sur ce sujet
Explorer des pistes et donner un avis