CVE Details
Basic Information
| Title | Astun Technology iShare Maps mycouncil2.aspx cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-05-31T13:00:06.594Z |
| Last Seen |
Product Information
| Vendor | Astun Technology |
|---|---|
| Product | iShare Maps |
| Version | 5.4.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting (XSS) vulnerability exists in Astun Technology iShare Maps 5.4.0, specifically in the mycouncil2.aspx file. The vulnerability allows remote attackers to inject malicious scripts into the application via the atTxtStreet parameter, potentially leading to unauthorized actions or data theft. The vendor was contacted but did not respond. |
|---|---|
| AI Severity | Medium |
| Vendor | Astun Technology |
| Product | iShare Maps |
| Affected Version | 5.4.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family | |
| Source Data | Astun Technology iShare Maps 5.4.0 |
Source Information
| Source Data | Astun Technology iShare Maps 5.4.0 |
|---|---|
| Source Link |
Description
A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0. This affects an unknown part of the file mycouncil2.aspx. The manipulation of the argument atTxtStreet leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score Summary
Base Score: 5.3 (MEDIUM)