[mapguide-internals] MapGuide Site Administrator XSS vulnerability fix
Jackie Ng
jumpinjackie at gmail.com
Tue Aug 23 06:57:14 PDT 2022
A security fix is available for MapGuide Open Source.
This fix mitigates several XSS vulnerabilities reported in the MapGuide
Site Administrator tool.
Download:
https://download.osgeo.org/mapguide/patches/mapadmin_xss_fix/mapadmin_xss_fix.zip
To apply, simply extract the zip contents to the www/mapadmin folder of
your MapGuide installation and overwrite all existing files.
This fix can be applied to the following versions of MapGuide Open Source:
- 2.6.1
- 3.0.0
- 3.1.0
- 3.1.1
- 3.1.2
- Any preview release of 4.0.0
Special thanks to Eitan Shav of mend.io (https://www.mend.io/) who found
and reported this vulnerability.
More information about the mapguide-internals
mailing list