5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.3%
MapProxy version 1.11.1 and older are vulnerable to cross-site scripting in the demo service resulting in possible information disclosure. An incomplete fix was released in v1.10.4, and a complete fix was released in v1.11.1.
github.com/mapproxy/mapproxy
github.com/mapproxy/mapproxy/commit/420412aad45171e05752007a0a2350c03c28dfd8
github.com/mapproxy/mapproxy/commit/436c8f489761d1b4ee22b2440b53cc96bbc28aea
github.com/mapproxy/mapproxy/issues/322
nvd.nist.gov/vuln/detail/CVE-2017-1000426