Arcgis Web Appbuilder {Developer Edition)
Approved changes feed: RSS · Atom
cpe:2.3:a:esri:arcgis_web_appbuilder_{developer_edition):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Esri (7fc7b1c4-e95b-5bc9-bfb4-4695cd2e3e82) |
|---|---|
| Product | Arcgis Web Appbuilder {Developer Edition) (68effe78-e1bf-5430-ad9a-6cc9f76db0f4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-67712 |
vulnerable | 2026-06-03 15:11:02.207600 |
HTML injection issue in ArcGIS Web App Builder
MEDIUM (4.7)
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript execution, which limits the impact. At the time of submission, ArcGIS Web App Builder developer edition is retired and unsupported. ArcGIS Web App Builder 2.30 is not susceptible to this vulnerability.
Published: 2025-12-19T20:05:42.172Z
Updated: 2026-01-08T16:47:34.111Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.