CVE-2013-2618

Name of the Vulnerable Software and Affected Versions Network Weathermap versions prior to 0.97b

Description A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the map title parameter in the editor.php file.

Recommendations For versions prior to 0.97b, update to version 0.97b or later to resolve the issue. As a temporary workaround, consider restricting access to the editor.php file or sanitizing input for the map title parameter to minimize the risk of exploitation.