Vulnerabilities > CVE-2021-29113 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Esri Arcgis Server 10.6.1/10.7.1/10.8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |