A security flaw has been discovered in ixmaps website. This impacts a function of the file /map.php of the component HTTP GET Request Handler. Manipulating the argument trid results in cross site scripting, which can be exploited remotely. The exploit is publicly available. Continuous delivery is used, so no specific version details are provided. The vendor was contacted but did not respond.
CVE-2025-11291
🟡 Medium
CVE-2025-11291: Security Flaw in ixmaps website
A vulnerability in ixmaps website allows remote cross site scripting through manipulation of the trid argument in /map.php. The vendor has not responded to notifications.
CVE ID
CVE-2025-11291
CVSS Score
4.3
Vendor
unknown
Published
Oct 05
Vulnerability Details
- CVE ID
- CVE-2025-11291
- Severity
- Medium
- CVSS v3 Score
- 4.3 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 05, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners