CVE-2024-38037

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt