HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting (XSS). An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser.CreditsDariusz GońdaReferenceshttps://cert.pl/en/posts/2024/08/CVE-2024-6449https://cert.pl/posts/2024/08/CVE-2024-6449