PT-2022-4368 · Esri · Esri Portal For Arcgis

Published: 2022-08-16 · Updated: 2023-02-10 · CVE-2022-38193

CVSS v3.1: 9.6 (Critical)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.8.1 and below

Description: The issue is related to improper control of code generation in the web portal, which may allow a remote, unauthenticated attacker to pass strings that could potentially lead to arbitrary code execution in a victim's browser.

Recommendations: For Esri Portal for ArcGIS versions 10.8.1 and below, update to a version above 10.8.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Eval Injection

Weakness Enumeration

Related Identifiers

BDU:2022-05228
CVE-2022-38193

Affected Products

Esri Portal For Arcgis