129 matches found
CVE-2024-12905 vulnerabilities
Vulnerabilities for packages: tileserver-gl, sqlpad, tileserver-gl-fips, kibana, code-server...
GHSA-PQ67-2WWV-3XJX vulnerabilities
Vulnerabilities for packages: tileserver-gl, sqlpad, tileserver-gl-fips, kibana, code-server...
CVE-2024-35627
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...
GHSA-RHX6-C78J-4Q9W vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, sqlpad, tileserver-gl, kubeflow-centraldashboard, argo-workflows, thingsboard, grafana-image-renderer, tileserver-gl-fips...
CVE-2024-21538 vulnerabilities
Vulnerabilities for packages: vitess, sqlpad, tileserver-gl, argo-workflows, graalvm, pgadmin4, ts-patch, airflow, eslint, node-gyp, lerna, opensearch-dashboards-fips, tileserver-gl-fips, opensearch-dashboards, py3-captum, kibana, renovate...
CVE-2024-10503
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-10503
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-10503
CVE-2024-10503 affects Klokan MapTiler tileserver-gl 2.3.1. The vulnerability is in the URL Handler component where manipulation of the key parameter enables cross-site scripting. Exploitation is possible remotely; disclosures exist but details on a fixed version are not provided in the documents...
CVE-2024-10503 Klokan MapTiler tileserver-gl URL cross site scripting
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-10503 Klokan MapTiler tileserver-gl URL cross site scripting
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
PT-2024-16324 · Klokan Maptiler · Tileserver-Gl
Name of the Vulnerable Software and Affected Versions: Klokan MapTiler tileserver-gl version 2.3.1 Description: A vulnerability was found in the component URL Handler of Klokan MapTiler tileserver-gl, which can lead to cross-site scripting when the key argument is manipulated. This issue can be...
TileServer GL 跨站脚本漏洞
TileServer GL is an open source map server for vector blocks from the Maptiler team. A cross-site scripting vulnerability exists in TileServer GL version 2.3.1, which stems from a parameter key of the component URL Handler can lead to cross-site scripting attacks...
CVE-2024-35627
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...
CVE-2024-35627
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...
CVE-2024-35627
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key...
TileServer GL 安全漏洞
TileServer GL is an open source map server for vector blocks from the Maptiler team. A security vulnerability exists in TileServer GL v4.4.10 and earlier, which stems from a cross-site scripting XSS vulnerability in component /data/v3/?key...
PT-2024-26572 · Unknown · Tileserver-Gl
Name of the Vulnerable Software and Affected Versions: tileserver-gl versions up to 4.4.10 Description: The issue is a cross-site scripting XSS vulnerability. It affects the component "/data/v3/?key". Recommendations: For versions up to 4.4.10, update to a version later than 4.4.10 to resolve the...
GHSA-3FR8-MWPP-8H9P Cross-site scripting in TileServer GL
An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS...
Cross-site scripting in TileServer GL
An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS...
Tileserver-gl 3.0.0 - (key) Reflected Cross-Site Scripting Vulnerability
Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain 0day.today 2021-10-22...