CVE-2025-67704 | Esri ArcGIS Server up to 11.4 on Windows/Linux Configuration cross site scripting (EUVD-2025-206103 / WID-SEC-2025-2833)
A vulnerability was found in Esri ArcGIS Server up to 11.4 on Windows/Linux and classified as problematic. This affects an unknown part of the component Configuration Handler. Such manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2025-67704. The attack may be performed from remote. There is no available exploit.