There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser.  The privileges required to execute this attack are high.
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku
Kaynak: National Vulnerability Database