CVE 2017-1000426

MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure.

See the CVE page on Mitre.org for more details.