Lucene search
K

129 matches found

Chainguard
Chainguard
added 2025/04/01 10:13 p.m.29 views

CVE-2024-12905 vulnerabilities

Vulnerabilities for packages: tileserver-gl, sqlpad, tileserver-gl-fips, kibana, code-server...

7.5CVSS6.7AI score0.02186EPSS
Exploits2
Chainguard
Chainguard
added 2025/04/01 10:13 p.m.23 views

GHSA-PQ67-2WWV-3XJX vulnerabilities

Vulnerabilities for packages: tileserver-gl, sqlpad, tileserver-gl-fips, kibana, code-server...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/14 1:30 a.m.10 views

CVE-2024-35627

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...

6.1CVSS6.1AI score0.00957EPSS
Exploits0References3
Chainguard
Chainguard
added 2024/12/05 10:40 p.m.11 views

GHSA-RHX6-C78J-4Q9W vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, sqlpad, tileserver-gl, kubeflow-centraldashboard, argo-workflows, thingsboard, grafana-image-renderer, tileserver-gl-fips...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2024/11/08 5:15 a.m.8 views

CVE-2024-21538 vulnerabilities

Vulnerabilities for packages: vitess, sqlpad, tileserver-gl, argo-workflows, graalvm, pgadmin4, ts-patch, airflow, eslint, node-gyp, lerna, opensearch-dashboards-fips, tileserver-gl-fips, opensearch-dashboards, py3-captum, kibana, renovate...

8.7CVSS6.7AI score0.00873EPSS
Exploits0
NVD
NVD
added 2024/10/30 1:15 a.m.13 views

CVE-2024-10503

A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

6.1CVSS0.00308EPSS
Exploits0References3
OSV
OSV
added 2024/10/30 1:15 a.m.4 views

CVE-2024-10503

A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

6.1CVSS3.6AI score0.00308EPSS
Exploits0References3
CVE
CVE
added 2024/10/30 1:0 a.m.49 views

CVE-2024-10503

CVE-2024-10503 affects Klokan MapTiler tileserver-gl 2.3.1. The vulnerability is in the URL Handler component where manipulation of the key parameter enables cross-site scripting. Exploitation is possible remotely; disclosures exist but details on a fixed version are not provided in the documents...

6.1CVSS4AI score0.00308EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 1:0 a.m.12 views

CVE-2024-10503 Klokan MapTiler tileserver-gl URL cross site scripting

A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

5.3CVSS6AI score0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/30 1:0 a.m.15 views

CVE-2024-10503 Klokan MapTiler tileserver-gl URL cross site scripting

A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

5.3CVSS0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.4 views

PT-2024-16324 · Klokan Maptiler · Tileserver-Gl

Name of the Vulnerable Software and Affected Versions: Klokan MapTiler tileserver-gl version 2.3.1 Description: A vulnerability was found in the component URL Handler of Klokan MapTiler tileserver-gl, which can lead to cross-site scripting when the key argument is manipulated. This issue can be...

6.1CVSS6.3AI score0.00308EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.4 views

TileServer GL 跨站脚本漏洞

TileServer GL is an open source map server for vector blocks from the Maptiler team. A cross-site scripting vulnerability exists in TileServer GL version 2.3.1, which stems from a parameter key of the component URL Handler can lead to cross-site scripting attacks...

6.1CVSS4.4AI score0.00308EPSS
Exploits0References3
NVD
NVD
added 2024/05/22 7:15 p.m.18 views

CVE-2024-35627

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...

6.1CVSS6AI score0.00957EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/22 7:10 p.m.15 views

CVE-2024-35627

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...

6.2AI score0.00957EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/22 7:10 p.m.30 views

CVE-2024-35627

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...

6AI score0.00957EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.7 views

TileServer GL 安全漏洞

TileServer GL is an open source map server for vector blocks from the Maptiler team. A security vulnerability exists in TileServer GL v4.4.10 and earlier, which stems from a cross-site scripting XSS vulnerability in component /data/v3/?key...

6.1CVSS5.7AI score0.00957EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.9 views

PT-2024-26572 · Unknown · Tileserver-Gl

Name of the Vulnerable Software and Affected Versions: tileserver-gl versions up to 4.4.10 Description: The issue is a cross-site scripting XSS vulnerability. It affects the component "/data/v3/?key". Recommendations: For versions up to 4.4.10, update to a version later than 4.4.10 to resolve the...

6.1CVSS5.9AI score0.00957EPSS
Exploits0References5
OSV
OSV
added 2021/05/17 9:1 p.m.14 views

GHSA-3FR8-MWPP-8H9P Cross-site scripting in TileServer GL

An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS...

6.1CVSS6.2AI score0.12224EPSS
Exploits3References5
Github Security Blog
Github Security Blog
added 2021/05/17 9:1 p.m.51 views

Cross-site scripting in TileServer GL

An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS...

6.1CVSS0.6AI score0.12224EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2021/04/15 12:0 a.m.30 views

Tileserver-gl 3.0.0 - (key) Reflected Cross-Site Scripting Vulnerability

Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain 0day.today 2021-10-22...

6.1CVSS0.5AI score0.12224EPSS
Exploits3
Rows per page
Query Builder