CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-53307

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.5%

CVSS Severity

CVSS v3 Score 5.4

References

https://gist.github.com/Xib3rR4dAr/bf754848f1cd77162f79226144b04648
https://webhelp.evisions.com/releaseguides/maps/default.htm#6.11/6.11%20Release%20Notes.htm?TocPath=MAPS%25206.11%2520Release%2520Guide%257C_____3
https://gist.github.com/Xib3rR4dAr/bf754848f1cd77162f79226144b04648

Products affected by CVE-2024-53307

Evisions » Maps » Version: Any

cpe:2.3:a:evisions:maps:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-53307

Products

Pricing

Contact Us