Lucene search
K

4 matches found

circl
circl
added 2025/07/29 8:51 p.m.16 views

CVE-2025-44136

creationtimestamp| type| source ---|---|--- 2025-07-29 20:51:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv4ydszwqv2d 2025-11-07 00:09:52+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-44136.yaml 2025-11-08...

9.8CVSS5.5AI score0.02507EPSS
Exploits2References4
nvd
nvd
added 2025/07/29 5:15 p.m.7 views

CVE-2025-44136

MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting XSS. The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser...

9.8CVSS0.02507EPSS
Exploits2References2
cve
cve
added 2025/07/29 12:0 a.m.31 views

CVE-2025-44136

MapTiler Tileserver-php v2.0 is affected by an unauthenticated reflected XSS in the GET parameter layer, which is echoed in an error message without HTML encoding. This allows an attacker to execute arbitrary HTML/JavaScript in a victim’s browser. Connected sources confirm the vulnerable componen...

9.8CVSS6.1AI score0.02507EPSS
In wildExploits2References2Affected Software1
osv
osv
added 2025/07/29 12:0 a.m.6 views

CVE-2025-44136

MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting XSS. The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser...

9.8CVSS5.8AI score0.02507EPSS
Exploits2References4
Rows per page
Query Builder