4 matches found
CVE-2025-44136
creationtimestamp| type| source ---|---|--- 2025-07-29 20:51:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv4ydszwqv2d 2025-11-07 00:09:52+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-44136.yaml 2025-11-08...
CVE-2025-44136
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting XSS. The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser...
CVE-2025-44136
MapTiler Tileserver-php v2.0 is affected by an unauthenticated reflected XSS in the GET parameter layer, which is echoed in an error message without HTML encoding. This allows an attacker to execute arbitrary HTML/JavaScript in a victim’s browser. Connected sources confirm the vulnerable componen...
CVE-2025-44136
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting XSS. The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser...