CVE-2026-0521
CVE-2026-0521 is a reflected XSS in TYDAC AG MAP+ PDF export. Affects MAP+ 3.4.0; an unauthenticated attacker can craft a malicious URL that, when visited by a victim, executes arbitrary JavaScript in the victim’s context. Verified in MAP+: 3.4.0. Remediation: there is no confirmed fixed version ...