An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious code in the context of the web application. There is an HTML injection issue in Esri Portal for ArcGIS versions 10.9.0 and below which may allow a remote, authenticated attacker to inject HTML into some locations in the home application.Īrcher Platform 6.x before 6.11 P3 contain an HTML injection vulnerability.
It allows an attacker to cause Denial of Service or possibly have unspecified other impact. It can be triggered by sending a crafted HTML file to the w3m binary. There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3.
0 kommentar(er)
