CVE-2024-6450

Name of the Vulnerable Software and Affected Versions HyperView Geoportal Toolkit versions prior to 8.2.4

Description The issue concerns a Reflected Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker could trick someone into using a crafted URL, which will cause a script to be run in the user's browser.

Recommendations For versions prior to 8.2.4, update to version 8.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable URLs to minimize the risk of exploitation. Avoid using crafted URLs that could trigger the execution of malicious scripts in the user's browser.