CVE-2025-11291

Name of the Vulnerable Software and Affected Versions ixmaps website2017 versions prior to 0c71cffa0162186bc057a76766bc97e9f5a3a2d0

Description A security flaw exists that allows for cross site scripting. The issue is related to the manipulation of the trid argument within an HTTP GET request handled by a file, /map.php, and an unknown function. The attack can be initiated remotely. The exploit has been released publicly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.