Security update: MapContrib 1.11

The last MapContrib version has been released today and it contains a security update that changes the Statistics field behavior in the theme settings.

By using that field, an ill-intentioned theme creator was able to introduce a malicious JavaScript code and exploit a security breach called XSS. From now on, every JavaScript codes introduced in that field (and every other fields ine the administration panels) will be erased.

If you were using the Statistics field, replace your code by its image equivalent. Every statistics platform propose that kind of technical solution, Piwik/Matomo included.

We are sorry for the inconvenience but our users safety is one of our priorities.

Thanks to Midgard for warning us about that issue 👋

Leave a Reply

Your email address will not be published. Required fields are marked *