Lucene search
GoogleOSV:GHSA-3FR8-MWPP-8H9PHistoryMay 17, 2021 - 9:01 p.m.
Cross-site scripting in TileServer GL
2021-05-1721:01:15
Google
osv.dev
5
0.004 Low
EPSS
Percentile
73.1%
An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application’s main page, causing reflected XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tileserver-gl | lt | 3.1.0 |
Related
osv
osv
CVE-2020-15500
2020-07-01 23:15:10
zdt
zdt
Tileserver-gl 3.0.0 - (key) Reflected Cross-Site Scripting Vulnerability
2021-04-15 00:00:00
prion
prion
Cross site scripting
2020-07-01 23:15:00
github
github
Cross-site scripting in TileServer GL
2021-05-17 21:01:15
packetstorm
packetstorm
Tileserver-gl 3.0.0 Cross Site Scripting
2021-04-15 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-07-03 04:48:05
nuclei
nuclei
TileServer GL <=3.0.0 - Cross-Site Scripting
2021-04-11 10:42:21
cvelist
cvelist
CVE-2020-15500
2020-07-01 22:14:44
nvd
nvd
CVE-2020-15500
2020-07-01 23:15:10
cve
cve
CVE-2020-15500
2020-07-01 23:15:10