CVE-2021-43696

Name of the Vulnerable Software and Affected Versions: twmap versions 2.91 through 4.33

Description: The issue is related to a Cross Site Scripting (XSS) vulnerability. In the file list.php, the exit function will terminate the script and print a message to the user. This message contains the $ REQUEST variable, which leads to the XSS vulnerability.

Recommendations: For twmap versions 2.91 through 4.33, consider disabling the exit function in the list.php file as a temporary workaround until a patch is available. Restrict access to the list.php file to minimize the risk of exploitation. Avoid using the $ REQUEST variable in the affected file until the issue is resolved.