PT-2024-10550 · Unknown+1 · Mapplic Lite+1

Published: 2024-10-16 · Updated: 2025-12-19 · CVE-2012-10018

CVSS v3.1: 8.3 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Mapplic versions up to and including 6.1
Mapplic Lite version 1.0

Description

A Server-Side Request Forgery vulnerability allows attackers to forge requests that originate from the vulnerable site's server, potentially leading to an XSS attack if an SVG file is requested.

Recommendations

For Mapplic versions up to and including 6.1, update to a version later than 6.1 to resolve the issue. For Mapplic Lite version 1.0, consider disabling the plugin until a patched version is available.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2012-10018

Affected Products

Mapplic
Mapplic Lite