Lucene search
Veracode Vulnerability DatabaseVERACODE:25811HistoryJul 03, 2020 - 4:48 a.m.
Cross-site Scripting (XSS)
2020-07-0304:48:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
0.004 Low
EPSS
Percentile
73.1%
tileserver-gl is vulnerable to cross-site scripting (XSS). The vulnerability exists because the key GET parameter is not escaped properly, allowing an attacker to inject malicious script and get it executed when a user visits the application’s main page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tileserver-gl | le | 3.0.0 | |
| tileserver-gl | le | 2.3.1 | |
| tileserver-gl | le | 3.0.0 | |
| tileserver-gl | le | 2.3.1 |
Related
osv
osv
CVE-2020-15500
2020-07-01 23:15:10
Cross-site scripting in TileServer GL
2021-05-17 21:01:15
zdt
zdt
Tileserver-gl 3.0.0 - (key) Reflected Cross-Site Scripting Vulnerability
2021-04-15 00:00:00
prion
prion
Cross site scripting
2020-07-01 23:15:00
github
github
Cross-site scripting in TileServer GL
2021-05-17 21:01:15
packetstorm
packetstorm
Tileserver-gl 3.0.0 Cross Site Scripting
2021-04-15 00:00:00
nuclei
nuclei
TileServer GL <=3.0.0 - Cross-Site Scripting
2021-04-11 10:42:21
cvelist
cvelist
CVE-2020-15500
2020-07-01 22:14:44
nvd
nvd
CVE-2020-15500
2020-07-01 23:15:10
cve
cve
CVE-2020-15500
2020-07-01 23:15:10