CVE-2024-53307

Name of the Vulnerable Software and Affected Versions Evisions MAPS version 6.10.2.267

Description A reflected cross-site scripting issue allows attackers to execute arbitrary code in the context of a user's browser by injecting a crafted payload into the "mw/" endpoint.

Recommendations For Evisions MAPS version 6.10.2.267, consider restricting access to the /mw/ endpoint until a fix is available. As a temporary workaround, avoid using the vulnerable endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.