A new Technical Support website experience is coming soon!

In the next couple of months, we will update the Technical Support website. It will look different, but all the information you expect will still be at your fingertips. In fact, we’ve worked hard to ensure you can find information even more easily.

Back to results

Bug Number	BUG-000137662
Submitted	Feb 23, 2021
Modified	Jun 01, 2022
Severity	High
Applies To	ArcGIS Enterprise
Version Found	No Version Found
Prog Language	N/A
Server Platform	Windows OS N/A
Client Platform	Windows OS N/A
Database	N/A
Locale	N/A
Status	Unknown Text - Bugs/Fixed Learn more
Version Fixed	10.9
SP Fixed	N/A

Bug BUG-000137662

Synopsis

Reflected cross-site scripting (XSS) vulnerability in ArcGIS Server. Note This security patch addresses multiple security vulnerabilities found in ArcGIS Server. Esri recommends that all customers using ArcGIS Server 10.8.1, 10.7.1, and 10.6.1 apply this patch.

Additional Information

N/A

Alternate Solution

The ArcGIS Server Security 2021 Update 1 Patch is now live on the support site. The URL is: https://support.esri.com/en/download/7879