CVE-2024-53767

Name of the Vulnerable Software and Affected Versions Pixobe Cartography versions through 1.0.1

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows DOM-Based XSS. This happens because the web page does not handle inputs properly.

Recommendations For versions through 1.0.1, consider disabling the DOM-based functionality until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. Avoid using user-inputted data in the affected web page generation until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.