A security fix is available for MapGuide Open Source. This fix mitigates several XSS vulnerabilities reported in the MapGuide Site Administrator tool.
Download: https://download.osgeo.org/mapguide/patches/mapadmin_xss_fix/mapadmin_xss_fix.zip To apply, simply extract the zip contents to the www/mapadmin folder of your MapGuide installation and overwrite all existing files. This fix can be applied to the following versions of MapGuide Open Source: - 2.6.1 - 3.0.0 - 3.1.0 - 3.1.1 - 3.1.2 - Any preview release of 4.0.0 Special thanks to Eitan Shav of mend.io (https://www.mend.io/) who found and reported this vulnerability.
_______________________________________________ mapguide-users mailing list [email protected] https://lists.osgeo.org/mailman/listinfo/mapguide-users
