laptop and a wrench

Bug

There is a Cross-Site Request Forgery (CSRF) vulnerability in Portal for ArcGIS.

Last Published: February 5, 2021 Portal for ArcGIS
Bug ID Number BUG-000128193
SubmittedJanuary 28, 2020
Last ModifiedFebruary 15, 2023
Applies toPortal for ArcGIS
Version found10.7.1
Operating SystemWindows OS
Operating System Version2016 64 Bit
Version Fixed10.8.1
StatusFixed

Additional Information

The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2021 Update 1 Patch' security patch. Refer to https://support.esri.com/en/download/7899.

Workaround

Refer to https://support.esri.com/en/download/7899 for the 'Portal for ArcGIS Security 2021 Update 1 Patch' security patch.

Steps to Reproduce

Bug ID: BUG-000128193

Software:

  • Portal for ArcGIS

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options

Discover more on this topic