CVE-2024-38040

There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt