CVE-2024-53307 Information

Description

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user’s browser via injecting a crafted payload.

Reference

https://gist.github.com/Xib3rR4dAr/bf754848f1cd77162f79226144b04648 https://gist.github.com/Xib3rR4dAr/bf754848f1cd77162f79226144b04648 https://webhelp.evisions.com/releaseguides/maps/default.htm#6.11/6.11%20Release%20Notes.htm?TocPath=MAPS%25206.11%2520Release%2520Guide%257C_____3