Bug Number | BUG-000128193 |
Submitted | Jan 28, 2020 |
Modified | Mar 28, 2022 |
Severity | Medium |
Applies To | Portal for ArcGIS |
Version Found | 10.7.1 |
Prog Language | N/A |
Server Platform | Windows OS 2016 64 Bit |
Client Platform | Windows OS 2016 64 Bit |
Database | N/A |
Locale | N/A |
Status |
Fixed
Learn more |
Version Fixed | 10.8.1 |
SP Fixed | N/A |
Bug BUG-000128193
Synopsis
There is a Cross-Site Request Forgery (CSRF) vulnerability in Portal for ArcGIS.
Additional Information
The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2021 Update 1 Patch' security patch. Refer to https://support.esri.com/en/download/7899.
Alternate Solution
Refer to https://support.esri.com/en/download/7899 for the 'Portal for ArcGIS Security 2021 Update 1 Patch' security patch.